JPCERT-AT-2011-0011
JPCERT/CC
2011-04-28

<<< JPCERT/CC Alert 28.04.11 >>>

Unauthorized use of leaked IDs and passwords

https://www.jpcert.or.jp/at/2011/at110011.txt

I. Overview

On April 27, 2011, Sony Computer Entertainment Inc. released information regarding account information leakage that was due to unauthorized access of the PlayStation Network and Qriocity. According to Sony Computer Entertainment Inc., there is a possibility that this unauthorized access may have resulted in the leak of the names, addresses, email addresses, dates of birth, passwords and online IDs of registered PlayStation Network and Qriocity users. In addition, Sony Computer Entertainment Inc. says it cannot deny the possibility that credit card information registered with these services by users may also have been leaked.

If account information (ID/password) registered with these services has also been used with other services, the attacker may use the illegally acquired account information to log into services other than PlayStation Network and Qriocity, to illegally access those services or to steal personal and credit card information registered with them.

Attacks such as the following may also be carried out.

(1) Attacks using the illegally acquired personal information to direct users to sites that lead to virus infections.
(2) Attacks that involve attaching viruses to emails that look like messages inquiring about this incident.
(3) Attacks that involve the attackers posing as a party related to this incident and directing users to phishing sites that encourage users to change their registered information.

Users who use the same account information for multiple services are urged to refer to the solution below and register different ID/password information for each service. Furthermore, if emails regarding this incident are received, check the email, including the sender and the message body, for anything suspicious.

II. Solution

If the same account information is registered with multiple services, change the account information using the service provider's web site. (For information on how to change the registered information, refer to the FAQ or other similar pages of the service providers.)

Refer to the following publication for information regarding creating a secure password.

Information Security Manual for the Training of New Employees Rev2 (P27 - 28 Learning how to create secure passwords)
https://www.jpcert.or.jp/magazine/security/newcomer.html

In addition, if a received email that appears to be from a party related to this incident tries to direct the recipient to a phishing site that asks for information such as credit card or personal information, or directs the recipient to open a suspicious attachment, do not access the listed URLs or open the attachment.

If an email that directs the recipient to suspicious sites, or an email with suspicious attachments, is received, do not open the attachments, and please report the email to the Council of Anti-Phishing Japan or JPCERT/CC.

Council of Anti-Phishing Japan
https://www.antiphishing.jp/registration.html

JPCERT/CC Incident Reporting
https://www.jpcert.or.jp/form/#report

For other solutions, refer to information from Sony Computer Entertainment Inc.

III. References

Sony Computer Entertainment Inc.
An Apology and Request to the Users of PlayStation Network/Qriocity(TM)
http://cdn.jp.playstation.com/msg/sp_20110427_psn.html

If you have any further questions or information regarding this alert, please contact JPCERT/CC.

======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/