They promised users that steps would be taken to make sure that it never happened again and it would tell users if it does.
However, it seems a few days before the PS3 hack, Sony was attacked elsewhere and we are only just finding out about it. This time the cyber crims wanted the personal information of 24.6 million Sony Online Entertainment users.
Red-faced officials admitted that over 20,000 credit card and bank account numbers were put at risk. While this is not as bad as the recent leak of over 70 million accounts from Sony's PlayStation Network and Qriocity services, coming so soon afterwards, Sony officials were probably thinking of taking a holiday rather than facing the media.
Like the PS3 hack, Sony sat on the news for a week, allowing the hackers to do some ID thievery before the news leaked onto the streets. In this case the hack happened two weeks ago. Sony knew about the hack two or three days before the PS3 network was brought down.
Sony Online Entertainment is a division of the company that publishes online multiplayer games like the recently released DC Universe Online. Sony turned off all its game services yesterday which means that it does not have many products available.
Sony said that the compromised personal information includes customers' names, addresses, e-mail addresses, birth dates, gender, phone numbers, logins and hashed passwords.
Once again, credit card numbers and expiration dates of 12,700 non-U.S. customers are at risk. There are 10,700 direct debit records from customers in Austria, Germany, Netherlands and Spain.
The information was found in an outdated database from 2007, Sony says.