An extra 24.6 million computer game users may have had their personal details stolen by internet hackers after Sony revealed it had suffered a second major security breach in less than a month.
The electronics giant said the names, addresses, emails, birth dates, phone numbers and other information from PC games customers were stolen from its servers as well as an “outdated database” from 2007.
The announcement came less than a day after the Japanese company officially apologised for one of the worst break-ins in internet history that saw the theft of data from 77 million users of its PlayStation network.
Officials said the latest attack targeted the Sony Online Entertainment (SOE) PC games network which hosts games played over the internet on PCs.
About 23,400 financial records from the 2007 database involving people outside the US may have been stolen in the newly discovered breach, including 10,700 direct debit records of customers in Austria, Germany, the Netherlands and Spain, Sony said.
The incident occurred on April 16 and 17 – earlier than the PlayStation break-in which occurred from April 17 to 19 – but was only revealed by the company yesterday.
Company spokeswoman Taina Rodriguez said there was no evidence that the information taken was used illicitly for financial gain.
“We had previously believed that SOE customer data had not been obtained in the cyber-attacks on the company, but on May 1 we concluded that SOE account information may have been stolen and we are notifying you as soon as possible,” Sony said in a message to customers.
The SOE network was taken down yesterday and Sony was also forced to suspend its SOE games on Facebook.
The company said it will grant players 30 days of additional time on their subscriptions, along with one day for each day the system is down.
It is also working with the FBI and other authorities to investigate what it called “a criminal cyber attack” on its data centre in San Diego, California.