Sony announced that it will restore game services for the PlayStation Network starting today, and the "restoration" will begin in stages.
Sony said nearly its entire portfolio of online games, game forums, and Web sites will go back online, but the company will also require PS3 players to reset their passwords. PSN will be restored first in the Americas, Europe, Australia, New Zealand, and the Middle East. Japan and other Asian countries will come at a later date.
Several of Sony's servers were attacked between April 17 and April 19, leading to the exposure of the personal data of more than 100 million customers who signed up for PlayStation Network, Qriocity, and Sony Online. The company took the networks--for downloading and playing games, movies, and music--offline almost four weeks ago and said earlier this week that it planned to restore them "in the next few days."
Sony said in its statement:
The company has made considerable enhancements to the data security, including updating and adding advanced security technologies; additional software monitoring and penetration and vulnerability testing; and increased levels of encryption and additional firewalls. The company also added a variety of other measures to the network infrastructure, including an early-warning system for unusual activity patterns that could signal an attempt to compromise the network.
"I'd like to send my sincere regret for the inconvenience this incident has caused you, and want to thank you all for the kind patience you've shown as we worked through the restoration process," said Kazuo Hirai, executive deputy president, Sony Corporation. "I can't thank you enough for your patience and support during this time. We know even the most loyal customers have been frustrated by this process and are anxious to use their Sony products and services again. We are taking aggressive action at all levels to address the concerns that were raised by this incident, and are making consumer data protection a full-time, companywide commitment."
Sony said it appointed Fumiaki Sakai, president of Sony Global Solutions, to be acting chief information security officer of Sony Networked Entertainment. His job will be to "reinforce overall information security across the company's network infrastructure" while also searching for someone to permanently fill the security officer spot.
To encourage its customers to come back to the service, Sony had already announced a "Welcome Back" program that includes 30 days of free access to PlayStation Plus, 30 days of free access to Music Unlimited by Qriocity, as well as free identity theft monitoring from Debix, and a promise of free downloads in the future. Sony has not yet offered specifics on the last promise.
In a video message to customers, Hirai said all PS3 customers must change their PSN and Qriocity account passwords upon their return.
PSN breach exposes records of millions (roundup)
"Your new password can only be changed on the same PS3 in which your account was activated or through validated e-mail confirmation," Hirai said. Customers will also have to update their PS3 firmware to receive the latest security patches, which can be found here.
The multiplayer PC and PS3 gaming network Sony Online has also been relaunched after being taken offline following a breach related to the one that brought PSN down. On Thursday Sony Online announced its own compensation package for users. All players will get one month of free service, and free in-game bonuses for several of its titles. Customers who paid for "lifetime" subscriptions will get free in-game currency.
As for the services that remain offline, such as the PlayStation Store and purchasing features for Qriocity, Hirai told users they will be up as soon as possible. Sony said its goal is to restore all functionality by May 31.
The outage lasted weeks longer than Sony initially expected, and the company still has not pinpointed who was behind the second-largest security breach in U.S. history. A report from Bloomberg today cited unnamed sources who claim the hackers rented under an assumed name a server from Amazon's cloud service from which to launch the attack.
Sony has hinted it believes the hacker activist group Anonymous may have been behind the breach, saying it found a file planted on one of its servers labeled "Anonymous" and containing a fragment of the group's tag line: "We are Legion." The group has repeatedly denied it orchestrated the attack, though a recent statement from the group allowed for the possibility that people sometimes associated with Anonymous may have been involved.
CNET's Erica Ogg contributed to this report.
Updated at 6:25 p.m. PT with additional details.