[WASC-WHID] WHID 2011-87: PSN Admin Dev Accounts Got Hacked

WASC Web Hacking Incidents Database wasc-whid at lists.webappsec.org
Mon Apr 25 11:20:45 EDT 2011


*Entry Title: *WHID 2011-87: PSN Admin Dev Accounts Got Hacked
*WHID ID: *2011-87
*Date Occurred: *April 24, 2011
*Attack Method: *Brute Force
*Application Weakness: *Insufficient Anti-automation
*Outcome: *Account Takeover
*Attacked Entity Field: *Entertainment
*Attacked Entity Geography: *
*Incident Description: *Sony’s PlayStation Network has been down since
Wednesday and stayed kaput throughout the weekend. Sony has admitted that
the outage was due to their network being hacked but has not given any
further details. But now, a source closely connected with Sony Computer
Entertainment Europe (SCEE) reports that the attack is much deeper than
admitted by Sony. The source claims that the PSN sustained a LOIC attack
(which created a denial-of-service attack) that damaged the server. Plus, it
received concentrated attacks on the servers holding account information and
breached the Admin Dev accounts.
*Mass Attack: *No
*Reference: *
http://www.slashgear.com/psn-admin-dev-accounts-got-hacked-source-claims-service-to-return-by-tuesday-24148081/
*Attack Source Geography: *
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/wasc-whid_lists.webappsec.org/attachments/20110425/99ea0276/attachment-0003.html>


More information about the wasc-whid mailing list