In an update to the PlayStation Blog, Chief of Information Security Phillip Reitinger explains what happened:
We want to let you know that we have detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment (“Networks”) services to test a massive set of sign-in IDs and passwords against our network database. These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.
Basically, someone got a bunch of usernames and passwords from a source that isn’t directly from Sony, tried to sign into all of them at once, and sent red flags to Sony.
The affected accounts have been temporarily suspended and will require a password reset. Accounts that have been compromised have been sent emails with instructions on how to un-suspend their accounts.
There is no outage, and no crucial information like credit card info was compromised. Unlike the incident earlier this year, Sony was able to counter-act instantly and keep private information private.
What say you, gamers? Have you been affected?