*Genius*
Prime VIP
Sony subsidiary admits someone broke into its Internet service and made off with virtual currency worth upwards of $1,000.
By Matt Peckham, PC World | Security, Sony Add a new comment
May 20, 2011, 1:33 PM — Sorry Sony wonks, heave a collective sigh, shoulders slumped, heads down, and brace for more bad news: Sony's been hacked again.
Citing the Wall Street Journal, Reuters reports an intruder broke into So-Net, an Internet service provider subsidiary of Sony Japan, and made off with over $1,000 in virtual points from account holders.
Note, importantly, that this isn't PlayStation Network, Qriocity, or Sony Online Entertainment related. In fact I'd never heard of So-Net until now, though that doesn't make it any less dreadful as questions of corporate competence go.
A official statement on the site (in Japanese) explains So-Net has terminated exchanges of points, and asked customers to change their passwords. Reuters' translator says the total lost was "about 100,000 yen," or $1,224. Google's translation of the site reads it as "approximately 10 million yen," or $122,384, which is probably why we shouldn't trust Google Translate.
Here's the odd bit: So-Net admitted the site had been accessed thousands of times from the same IP address, which looks like a brute-force password attack. Why didn't So-Net throw up a block, you know, at 100? My web host kicked my IP address to the curb for screwing up twice. IP spoofing? Perhaps.
As info-leaks go, So-Net says it can't yet confirm any personal data was stolen. If it was, information obtained would be similar to that exposed in the mid-April PSN network hack, including names, addresses, birth dates, and phone numbers.
To recap, the good news: not the PSN or SOE. The bad news, still Sony corporate, and this time, they made off with actual cash.