Sony Hires Three Security Firms To Investigate PSN/SOE Attacks

By Colin Tan on May 3, 2011, 7:07PM EST

Sony has turned to the aid of three security firms in lieu of the cyber attacks on both PlayStation Network and Sony Online Entertainment. The Wall Street Journal reports that Sony have hired Protiviti Inc., an internal audit and consulting firm, as well as two other computer forensics firms, Guidance Software Inc. and Data Forte Corp.

As a result of the hacking attack on both networks, the information a over a hundred million users have been compromised, with hackers taking names, addresses, passwords and possibly credit card numbers stored in Sony's database. There are roughly 77 million registered users on the PlayStation Network while about 25 million accounts on Sony Online Entertainment were compromised and 23,400 credit card numbers were stolen.

Sony's Patrick Seybold assured customers earlier Monday that passwords, while not fully encrypted, where protected using a "hash function," a common method of encryption used for passwords that turn them into strings of random letters. Credit card numbers are fully encrypted and the 3-digit CCV codes were not stored in Sony's database.

However, according to a report from International Business Times, hashed passwords can be cracked by "rainbow tables," a table that lists "every possible output of a hash function with a given length of text."

Sony apologized on Sunday during a press conference for the breach in security, offering 30 days of PlayStation Plus and Music Unlimited for free and extending the service for current subscribers.

blog comments powered by Disqus