It’s bad news piled on top of bad news for Sony.
Hackers may have stolen the personal information of 24.6 million Sony Online Entertainment users, the company said on Monday. More than 20,000 credit card and bank account numbers were also put at risk. This is in addition to the recent leak of over 70 million accounts from Sony’s PlayStation Network and Qriocity services.
“We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyberattack,” Sony wrote in a statement on its website on Monday.
Sony Online Entertainment is a division of the company that publishes online multiplayer games like the recently released DC Universe Online. Sony turned off all SOE game services Monday after it learned of the intrusion.
Sony said that the compromised personal information includes customers’ names, addresses, e-mail addresses, birth dates, gender, phone numbers, logins and hashed passwords.
Also at risk are the credit card numbers and expiration dates of 12,700 non-U.S. customers, plus 10,700 direct debit records from customers in Austria, Germany, Netherlands and Spain, containing bank-account numbers, customers’ names and addresses. This information was stored in what Sony said was an “outdated database from 2007.”
Hackers may have had this information for more than two weeks now. The intrusion occurred April 16 and 17, Sony said.