An extra 24.6 million computer game users may have had personal details stolen by hackers after Sony revealed it had suffered a second major internet breach.

The electronics giant says credit card details, names, addresses, emails, birth dates, phone numbers and other information from customers who played PC games online were stolen. Those affected are customers of Sony Online Entertainment.

News of the latest breach comes after the company announced last week that 77 million Sony PlayStation network users worldwide – including three million in the UK – had data stolen (see the PlayStation breach MSE News story).

The PlayStation hack included the theft of names, addresses, dates of birth, log-in details and email addresses. Sony is also investigating whether credit card numbers were stolen.

Of the 24.6 million PC games customers affected over 12,000 have definitely had credit card details stolen – 5,320 of which are UK based. Sony says only 900 of the 12,791 cards are still active.

This is because hackers gained information via different sources for the PC games theft. Credit card details were only stolen from a 2007 database, while existing servers were also breached.

Another 10,700 direct debit records of customers in Austria, Germany, the Netherlands and Spain were stolen, Sony admits.

It is unclear how many of the 24.6 million users were UK-based.

The incident occurred on 16 and 17 April – earlier than the PlayStation break-in which occurred from 17 to 19 April – but was only revealed by the company yesterday.

Both hacks leave users open to credit card and ID Fraud. In addition, as hackers have log-in details any gamers who use the same password for other accounts should change them. See the PlayStation breach MSE News story for info on what to do.

On Our Forums

Sony reveals new hack