Sony PlayStation Network Hacked: 77 Million Accounts Offline for 23 Days

What happened
Attackers compromised Sony's PlayStation Network in April 2011, stealing names, addresses, email addresses, and potentially credit card data for 77 million accounts. Sony took the network offline for 23 days to investigate and rebuild infrastructure, costing an estimated $171 million.[1]
What went wrong
Sony stored user data, including credit card information, without adequate encryption and had insufficient intrusion detection. The attack exploited known vulnerabilities in Sony's infrastructure that had previously been flagged by security researchers.[1]
Lesson learned
Payment card data must be encrypted at rest and subject to PCI DSS controls regardless of the broader context. A 23-day outage demonstrates that breach response planning is as important as breach prevention.
Sources
- [1]