Sony PlayStation Network Back Online After DDoS Attack

Printer-friendly version Email this CRN article

Sony's PlayStation Network is back online Monday after being brought down by a distributed denial-of-service attack Sunday.

Sony confirmed the attack in a statement and said it believes the network is safe and there is no evidence that any personal data was accessed. The intention of the attack was to flood the network with artificial users, stopping the network from functioning properly, according to Sony.

Related: Sony Agrees To $15 Million Payout, Free PS3 Games In PlayStation Breach Settlement

Sony also said in a blog post Monday that regular maintenance on the PlayStation Network is being delayed because of Sunday's breach.

"The PlayStation Network and Sony Entertainment Network are back online and people can now enjoy the services on their PlayStation devices," the statement said. "The networks were taken offline due to a distributed denial-of-service attack. We have seen no evidence of any intrusion to the network and no evidence of any unauthorized access to users’ personal information."

A similar breach of the PlayStation Network took place in April 2011, resulting in Sony agreeing to pay $15 million to users impacted by the nearly monthlong outage of the PlayStation Network and Qriocity Music Serivce.

The breach was one of the largest data breaches at the time, impacting more than 77 million PlayStation accounts, exposing login credentials, names, addresses, phone numbers and email addresses of account holders. Sony offered a year of identity theft protection to U.S. PlayStation users immediately following the breach.

"In the tech world, unless you approach security with the right mind-set in a layered approach for client-facing and public-facing services, it's not rocket science, but it has to be done right," said Douglas Grosfield, president and CEO of Xylotek Solutions, an Ontario-based solution provider specializing in IT security. "It's expensive, but the cost of not doing it is far worse. I don't know the statistics in the U.S., but in Canada, any company that has a massive breach it's extraordinarily difficult to recover from, and some companies don’t."

Companies that take personal and private information from users need to take every precaution in protecting their clients, said Grosfield.

"One of our specialties is IT security, so for us it's very frustrating to see companies that you think should get it and still don't. They are just not protecting themselves," he said.


Printer-friendly version Email this CRN article