The business and culture of our digital lives,
from the L.A. Times

« Previous Post | Technology Home | Next Post »

Sony apologizes, says 10 million credit card accounts may have been exposed in network attack

May 1, 2011 |  1:33 pm

Sony Apology Sony has revealed that 10 million credit card accounts may have been exposed two weeks ago when a hacker broke into the company's computers in San Diego and stole data from 77 million PlayStation Network accounts.

During a news conference in Tokyo on Saturday, Kaz Hirai, Sony's executive deputy president, offered the company's first public apology by an executive and promised to compensate customers.

"We offer our sincerest apologies," Hirai said, then bowed deeply in a Japanese custom showing regret, at the news conference, a recording of which can be viewed here.

Hirai said Sony would give affected customers 30 days of free access to its Qriocity music-streaming service as well as 30 days of access to its PlayStation Plus online game service. In addition, Sony said it will provide credit card protection services for the 10 million customers whose data were compromised.

Sony last week said it had encrypted credit card data, but not other account information, including names, addresses, email addresses and birth dates.

The break-in, which occurred between April 17 and April 19 but was not disclosed until April 25, drew furor from U.S. lawmakers, who last week demanded more information from Sony about the intrusion and why the company took a week before notifying its customers.

Sony has maintained that the company acted as quickly as it could to ascertain the nature of the break-in, hire security experts and assess the scope of the damage. During the news conference, Hirai offered a time line of the events, saying the company was notified of the intrusion on April 19 and shut down the service on April 20 to investigate. It hired three firms to conduct a forensic analysis of its computers.

Clarifying an earlier statement that said consumer passwords were not encrypted, Sony said they were "hashed," a form of mathematical obfuscation that makes it difficult for a hacker to read the passwords.

-- Alex Pham

Photo: Speaking at a news conference Saturday, Kazuo Hirai, Sony's executive deputy president, is flanked by Shinji Hasejima, Sony's chief information officer, on the right, and Shiro Kambe, senior vice president of corporate communications. Credit: Sony Corp