PlayStation Network 2011 hack
Sometimes hackers manage to pull of something so audacious it becomes part of infosec legend: the 2011 LulzSec hack of the PlayStation Network is one such case.
In mid-April 2011, users trying to log in to the PlayStation Network (PSN) were greeted with a message stating the system was "currently undergoing maintenance" or simply that "an error [had] occurred", preventing them from logging in.
On 20 April, Sony acknowledged there was a problem with "certain functions of PlayStation Network" and that it would report back with more information when it was available.
Instead, later that night, Sony shut down the network completely - an outage that would last a month.
One of the defining features of the early part of the PSN hack was Sony's reticence to share information with the public. It took two days for Sony to give any kind of explanation as to why it shut down the PSN, and what information it did give was brief in the extreme.
A short post to the PlayStation blog on 22 April from then director of corporate communications, Patrick Seybold, said simply: "An external intrusion on our system has affected [the] PlayStation Network and Qriocity (now Sony Music Unlimited) services. In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off ... [the] services on the evening of Wednesday, April 20th."
It would be another four days until Sony revealed the extent of what had happened, and it was huge.
Between 17 and 19 April, LulzSec hackers managed to completely breach Sony's security measures gaining access to all 77 million users' real names, postal addresses, country, email address, date of birth, PSN and/or Qriocity username and password, and security answers.
While this would have been bad enough, it was compounded by the fact that 12,700 card details, along with billing addresses and purchase history, were also taken during the hack - although this wasn't confirmed until early May.
This led to Sony advising users not only to change their PSN password once the service was online again, as well as that of any other service where they'd used the same username and/or password, but also "to be especially aware of email, telephone, and postal mail scams".
It also advised customers "to remain vigilant, to review [their] account statements and to monitor [their] credit reports" in order to protect against identity theft and financial fraud.
By the time full service was resumed on 31 May, the 2011 PSN hack had cost Sony $171 million and was, by volume, one of the biggest hacks ever at the time.
Sony has never revealed exact details of how its servers were breached, however it's thought a SQL injection and/or a modded PS3 may have been used. Once inside, the hackers were home free, because most non-financial details were stored in plain text. The only exception was the passwords, which were hashed using MD5, although they were not encrypted.
While Sony has been the victim of subsequent hacks and attacks - most recently the Christmas 2014 DDoS of the PSN and November hacking of Sony Pictures Entertainment - spring 2011 stands out as a beacon of poor crisis management and data security that won't be forgotten anytime soon.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
