Sony chief executive Howard Stringer faced criticism of his leadership after the consumer electronics giant revealed hackers may have stolen the data of another 25 million accounts in a second massive security breach.
Sony's latest revelation came just a day after it announced measures had been put in place to avert another cyberattack like that which hit its PlayStation Network, hoping to repair its tarnished image and reassure customers who might be pondering a shift to Microsoft's Xbox.
The Japanese electronics company said its Sony Online Entertainment PC games network had been hacked on April 18th, but did not find out about the breach until the early hours of yesterday and shut down the service shortly afterwards.
The breach may also have led to the theft of 10,700 direct debit records from customers in Austria, Germany, the Netherlands and Spain and 12,700 non-US credit or debit card numbers, it said.
Investors said Sony and 69-year-old Mr Stringer had botched the data security crisis, a further blow for the company which has struggled against rivals including Nintendo and lost ground to smartphone makers such as Apple.
Mr Stringer has not commented on the security breach, leaving his deputy Kazuo Hirai to lead the news conference and apology on Sunday. Mr Hirai headed the networks division and is seen as the likely successor to Mr Stringer, who in March committed to stay in his role for the current year at least.
The attack that Sony disclosed yesterday took place a day before a massive break-in of its separate PlayStation video game network that led to the theft of data from 77 million user accounts. Sony revealed that attack last week.
The PlayStation network lets video game console owners download games and play against friends. The Sony Online Entertainment network, the victim of the latest break-in, hosts games played over the internet on PCs.
Sony said late yesterday that the names, addresses, emails, birthdates, phone numbers and other information from 24.6 million PC games accounts may have been stolen from its servers as well as an "outdated database" from 2007.
Sony spokeswoman Sue Tanaka, asked whether other data could be at risk, listed the precautions the company has taken such as firewalls, but added it could not be certain.
The PlayStation Network incident has sparked legal action and investigations by authorities in North America and Europe, home to almost 90 per cent of the users of the network.
Yesterday, Sony declined to testify in person in front of a US congressional hearing, but agreed to respond to questions on how consumer private data is protected by businesses in a letter today, said a spokesman for Mary Bono Mack, a Republican Congresswoman from California, who is leading the hearing.
The incident that Sony disclosed yesterday also forced it to suspend its Sony Online Entertainment games on Facebook.
Sony posted a message on Facebook saying it had to take down the games during the night.
A Sony spokesman said the Facebook games make money from microtransactions and the sale of virtual goods like costumes and weapons. It was not immediately clear if the data theft included data from players of Sony games including "PoxNora," "Dungeon Overlord," "Wildlife Refuge" on Facebook.
Facebook could not immediately be reached for comment.
Sony Online Entertainment is a division of Sony. It operates online games such as "EverQuest" and is separate from the PlayStation video game console division.
Sony denied on its official PlayStation blog that hackers had tried to sell it a list of millions of credit card numbers.
The news comes less than a week after Sony alerted customers that a hacker broke into Sony's PlayStation video game network and stole names, addresses, passwords and possibly credit card numbers. Sony alerted customers a week after discovering the break-in.
Sony executives apologised on Sunday and said the company would gradually restart the PlayStation Network with increased security and would offer some free content to users.
Reuters
