A notorious hacking firm, probably best described as greyhats rather than white or blackhats, briefly breached the PlayStation Facebook and Twitter accounts on Sunday.
OurMine, a Saudi-based security firm, specializes in breaching high-profile accounts in order to advertise its ‘prowess’ and sell its security services. Yesterday, it got into PlayStation’s Twitter and Facebook accounts, and claimed to have stolen ‘PlayStation Network Databases.’ All messages were quickly removed by Sony, but not before they had been seen, and not before PlayStation users’ concerns were raised.
The messages left on Facebook were potentially the more worrying: “Playstation, contact us we got Playstation Network database leaked!” This immediately provoked memories of the massive 2011 breach, which forced Sony to shut down the PlayStation Network and Store and in which the personal information of some 77 million PSN users was stolen.
Tweets posted by OurMine on PlayStation’s Twitter account were in the same vein, but added, “No, we aren’t going to share it, we are a security group, if you works at Playstation then please go to our website ourmine.org.”
Unless OurMine has changed its method of operation, it is unlikely to leak any personal information – in fact, it is quite possible that the social media accounts are the totality of its success against PlayStation. However, this cannot be guaranteed: until official comment comes from Sony, there is no assurance that PlayStation networks have not been breached and personal data stolen.
“It’s quite unlikely that the database is indeed stolen,” comments High-Tech Bridge CEO Ilia Kolochenko. “On the other hand, it can be a smart smoke screen to camouflage a large-scale data breach and distract attention of cybersecurity teams from the real problem. However, until Sony makes an official statement about their internal investigation, it’s too early to make any conclusions.”
At this stage, it cannot even be guaranteed that the social media hacks were performed by OurMine. The most recent hack it acknowledges on its website is the April 2017 YouTube hack, which it describes as “the biggest hack in YouTube history!” During 2016, OurMine is believed to have breached the Twitter accounts of Wikipedia co-founder Jimmy Wales, Pokemon Go creator John Hanke, Twitter co-founder Jack Dorsey, Google CEO Sundar Pichai, and Facebook co-founder Mark Zuckerberg – whose Pinterest was also hacked.
During 2017, OurMine has been ‘credited’ with further hacks against the Unity user forum, and, last week, against HBO’s media accounts. The message left on HBO was typical: “Hi, OurMine here, we are just testing your security, HBO team please contact us to upgrade the security.” HBO quickly regained control of the account and removed the messages.
The HBO Twitter hack is not thought to be related to the theft of 1.5TB of data from HBO. Earlier this month, the hackers behind that theft released the personal phone numbers of Game of Thrones actors, emails and scripts. They are demanding a ransom of $6 million for the return of HBO’s proprietary information.
SecurityWeek has contacted both Sony and OurMine and asked for comments on the PlayStation Twitter breach. This story will be updated with any reply.