It's deja vu all over again: Sony's So-net admits to data breach

So-net, which is a Japanese internet service provider owned by Sony, said the points from 128 customer accounts were redeemed without permission, according to a report in the Wall Street Journal.

Another 73 accounts were accessed, but the points were not redeemed. In addition, 90 email accounts on the So-net network were compromised.

So-net said there is no evidence that personal data such as names, addresses, birth dates or phone numbers were viewed. It discovered the breach on May 18 after receiving complaints from customers.

The company discovered that the intrusions took place on May 16 and 17. Once it discovered the breach, the provider said it halted the redemption service, the newspaper reported.

The announcement of the So-net breach comes only days after Sony restarted service on its PlayStation Network (PSN) and Sony Online Entertainment following an investigation into the massive data breach that exposed information on 100 million subscribers. As Infosecurity reported, that restart did not go smoothly. The company discovered a flaw in the password reset page that could be exploited by hackers.

So-net denied any connection between the compromise of its site and the massive data breach at Sony’s other units. "Although we can't completely rule out the possibility that there is a connection with the PSN issue, the likelihood is low", Keisuke Watabe, a spokesman at So-net Entertainment, told the newspaper.

What’s Hot on Infosecurity Magazine?