Sunday, May 8, 2011

The PSN Outage Timeline


With Sony being dragged through proverbial mud, Console Monster has taken a look back on the companies turbulent past couple of weeks to recap everything that has happened since the beginning of the PSN outage.
17th-19th April: This is PSN ground zero, where everything began. Sometime between the 17th and 19th of April an 'external intrusion' began burrowing it's way into the Playstation Network with less than loyal goals. The external intrusion brought one of the biggest gaming systems to a grinding halt affecting a possible 77 million Playstation Network registered accounts. What makes it all the more worse is that the hack has become one of the largest data security breaches in history, easily out doing the infamous TJX Hack of 2007.
20th April: Around this time the first signs of trouble began to appear. Sony's official blog said that they were "aware certain functions of the PlayStation Network" were offline. The troubles began with a simple message on PS3 users hubs stating that the Playstation Network was "undergoing maintenance".
21st April: Sony officially revealed that it was "investigating the cause" of the outage. They also at this point in time gave gamers a time frame of just a "day or two" before the PSN would be switched back on. In hindsight that last statement was maybe a little misplaced.
22nd April: Sony officially revealed that the cause was due to an "external intrusion". The Playstation Network and Qriocity services were switched off as a means of defense against the intrusion. Despite Sonys best efforts it finally dawned on them that this intrusion would take more than a couple of days to rectify. By this point gamers began wondering who may have caused the downtime and many fingers were pointed the way of Anonymous who had stated in the past that they would "attack" Sony in one form or another.
23rd April: A change in tact came apparent in the next few statements released by Sony. They no longer gave out time frames from this point on instead they were quoted as saying, "the task is time-consuming", Sony also stated that "it was worth the time necessary to provide the system with additional security". Also after being the main target of abuse for PSN users, the hacking community Anonymous revealed that the attack was not them saying simply "For Once We Didn't Do It". Despite Anonymous not claiming the attack many gamers still aimed abuse at the group.
25th April: Sony still left gamers in the dark and refused to elaborate on the "external intrusion". Sony's Senior Director of Corporate Communications and Social Media, Patrick Seybold further added to gamers woes when he said "Unfortunately, I don't have an update or timeframe to share at this point in time.".
26th April: The news that no gamer wanted to hear, Sony officially revealed that there may have been a "compromise of personal information as a result of an illegal intrusion on our systems." They tried to buffer the blow a bit by telling gamers "We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week," but the damage was now done and the flood gates well and truly opened.
27th April: Kristopher Jones posted a lawsuit against Sony alleging that they "failed to encrypt data and establish adequate firewalls to handle a server intrusion contingency, failed to provide prompt and adequate warnings of security breaches, and unreasonably delayed in bringing the PSN service back online." The main argument was that Sony failed to notify it's members of a security breach and also storing credit card information which is in direct violation of the PCI Compliance.
1st May: Nearly two weeks since the intrusion first took hold of the PSN and Sony tried to lift gamers spirits offering them a "Welcome Back" pack when they finally switched the Network on. The pack included a free download via the Playstation store and 30 days free subscription to PSN Plus. They also once again hoped to have the system up and running within the next week.
2nd May: The intrusion had now spread all the way to Sony Online Entertainment. This caused Sony to shut down countless websites and online services all connected with SOE. It was also revealed up to 12,700 credit card numbers were stolen during the initial intrusion along with a possible 24.7 million SOE accounts.
4th May: In an attempt to stop the intrusion Sony announced that they had added yet another company to it's investigation team. Data Forte along with Guidance Software and Protivti are all currently dissecting the attack looking for the source. Sony also found themselves being asked to testify at a congressional hearing on the security related to the PSN outage. Sony declined to do so due to "ongoing investigations" with the law.
The Latest - 4th May: Shinji Hasejima makes a surprising announcement at the Tokyo Press Conference revealing that Sony was fully aware of the Playstation networks "vulnerabilities". Shinji was quoted as saying "The vulnerability of the network was a known vulnerability, one known of in the world. But Sony was not aware of it... was not convinced of it. We are now trying to improve aspects of it."
As you can see it has been a rough week or two now for Sony. They are looking at a good number of lawsuits coming their way and a lot of angry gamers still trying desperately to get online. We only hope that the PSN gets turned on not only quickly, but securely too.

No comments:

Post a Comment