10 years of the PSN hack that had us almost a month without being able to play online
If you had a Sony console, portable or desktop, in 2011, you will surely remember one of the most embarrassing, controversial and dangerous episodes in the recent history of video games and internet security, an episode that put Sony in check and that, in addition, taught a valuable lesson to video game companies.
In 2011, online gaming was completely normal on consoles Thanks, above all, to the steps Microsoft took with Xbox Live on both the original Xbox and Xbox 360 with the Xbox Live service. The security “worked”, the services were good and the servers were also compliant.
PlayStation Network, the PlayStation online gaming service that, above all, was taken advantage of on PS3, had a worse reputation for the stability of the connection, but it was still a service that, unlike its direct competitor, allowed you to play for free online.
Although both consoles at the time, and Wii, had online, it was still a relatively new area for these machines and, On April 20, 2011, there was an episode that had no precedent: the shutdown of the PSN servers without prior notice from the company.
A cut that seemed maintenance, but that hid an attack on the servers that affected more than 70 million users
In 2011 there were forums and social networks, but these were not so common nor were they so populated and millions of players played what they found in stores, they were informed thanks to digital media, yes, but also in paper media such as ‘la’ HobbyConsolas and, many others, did not even follow the video game news, something that continues to happen.
In forums they talked about ‘something’ that had happened because there were service outages, but the blow came on April 20 when Sony, without prior notice, shut down the PSN servers. This affected millions of users of the service, who found a vague explanation about why they could not play online in a very powerful month at the launch level.
Basically, in those first moments there was talk of a process of updating, maintenance and supervision of the service, something strange because it was not announced, but hey, we were in a period where PSN was in its infancy, so it could be, perfectly, a server update.
However, the official information arrived on April 21: Sony said they had closed due to something external that they were investigating and that the service would be disabled “one or two days before returning to normal.”
Time passed, the deadline passed and it was still impossible to connect to PSN. What was happening? Communication with companies in 2011 was not as fluid as it is now, since we could ask questions on Twitter, but the social media strategy was completely different and, days later, on April 27, Sony finally issued a release.
As they echoed our colleagues from HobbyConsoles, the Japanese company claimed that they had closed the service for security reasons, since they had detected an intrusion between April 17 and 19 that affected 70 million users between those of PSN and those of the Qriocity service.
That intrusion meant that the attackers had been able to access all the data on the PSN accounts., which meant that users who had a card linked to the service to buy digital games were, or could be, in the hands of cybercriminals.
That obviously caused quite a stir because not only was it the fact that the bank details were in someone else’s hands, but that It had taken Sony 10 days to tell users what had happened.
The company encouraged users to view their account status, cancel cards and change emails and sensitive information that had been associated with PSN, but the damage was done and the credibility of the company was thought to be irretrievable.
In the end, as we read in GamesIndustry, those “one or two days” of interrupted service became almost a month, as service began to reestablish in the United States on May 15, but other areas such as Japan, the company’s home, were offline for 76 days, reportedly soon.
And, be careful, It was not the only attack that was perpetrated those days, since an attack was also carried out on 24.6 million Sony Online Entertainment accounts. There, Sony did give concrete data and affirmed that of the 12,700 credit cards that had been compromised, only 900 were active in countries such as Austria, the Netherlands, Germany or Spain.
Free games, the solution, and a valuable lesson
The voices about compensation from Sony began to be heard and there was talk of PSN balance as compensation or something like that, but in the end, Sony settled the issue by apologizing and offering free games (and not recent ones) for PS3, PSP, PS Vita and some dynamic theme. The value of these gifts was 15 million euros.
And people sooner rather than later forgot about it with just a few free games.s. However, and although Sony’s performance was not correct due to the initial zero transparency for dealing with such a sensitive issue, this attack helped companies to work on their security systems.
In fact, Although there have been other cases of similar attacks, none have reached, that we know of, the heights of the great PSN hack of 2011. And yes, we have had other attacks such as August 2014 or Christmas 2014, the famous Lizard Squad attack that left us without online gambling in the holidays, but none as serious as April three years earlier
In the end, these attacks have served for what we commented, for companies to undertake security actions in something as sensitive as digital stores and, as they say, you learn when we fall and, fortunately, we have not had an attack like that again … although from time to time a DDOS is tried.
And yes, Sony promised to fully investigate what happened, but did not get too much out of that investigation. Some executives targeted Anonymous, but the group claimed they were not involved in the attack. So, what really happened is still known by only a few.