Technology giant Sony (www.sony.com) revealed Tuesday that an additional 25 million customers of its Sony Online Entertainment (www.soe.com) PC games network had personal details stolen prior to the PlayStation breach last week.
Personal information of more than 77 million users was compromised in the PlayStation hack that occurred between April 17 and April 19, but the company now admits “hackers may have stolen SOE customer information on April 16 and April 17, 2011,” according to a press release.
As part of the earlier hack, information from an “outdated” database from 2007 was also compromised. According to Sony, this information includes almost 13,000 non-US credit or debit card numbers and expiration dates and nearly 11,000 direct debit records of some customers from Austria, Germany, Netherlands and Spain, including bank account numbers. Sony assures customers that the credit card security codes were not compromised.
Earlier this week, Sony said there was no evidence that credit card was taken through the PlayStation breach, though the company would not “rule out the possibility.”
Sony says it shut down all servers related to SOE services immediately after the discovery of this information.
According to the company, the compromised information from the SOE accounts
includes name, address, email address, birthdate, gender, phone number, login name and password.
Sony has given customers 30 days additional time on their subscriptions, and is compensating customers for each day the system is down. The company is also offering to assist users in enrolling in identity theft protection services. Sony issued an apology over the PlayStation compromise early this week, before the discovery of the SOE hack.
Sony continues to investigate with the FBI, as well as conducting its own internal investigation.
The Guardian claims that “the latest news will be a serious blow to Sony’s management, already reeling from the enormous revelation of the problems with the PSN…though there have been no reports of management changes, it is expected that there will be serious ramifications from the security breaches inside the company.”