Sony on Monday reported that cyber assaults on its online videogame network were broader than first thought, with intruders getting away with credit and debit card data.
Hackers breached Sony Online Entertainment (SOE) network as well as PlayStation Network and Qriocity streaming music service, according to the Japanese consumer electronics giant.
"We had previously believed that Sony Online Entertainment customer data had not been obtained in the cyber-attacks on the company," the company said in an online update.
"But, on May 1st we concluded that SOE account information may have been stolen and we are notifying you as soon as possible."
Engineers and security consultants investigating the PlayStation Network breach discovered evidence that information was stolen from 24.6 million SOE accounts and from an outdated database containing people's financial data.
About 12,700 credit or debit card numbers, along with expiration dates, belonging to people outside the United States may have been stolen along with 10,700 direct debit records of customers in Austria, Germany, Netherlands, and Spain, according to Sony.
"We will be notifying each of these customers promptly," the Japanese consumer electronics giant promised.
SOE is based in the Southern California city of San Diego.
SOE is a network for people to take part in massive multi-player games such as "EverQuest" or "Star Wars Galaxies" online using personal computers. The SOE network was shut down after the data breach was discovered.
Sony originally thought that SOE was not violated during a cyber assault on its PlayStation Network and Qriocity online music-streaming service.
In an unusual Sunday press conference, Sony executives bowed in apology and said the company would begin restoring its shut-down PlayStation Network and Qriocity online services in the next week.
"This criminal act against our network had a significant impact not only on our consumers, but our entire industry," Sony executive deputy president Kazuo Hirai said on Sunday.
"These illegal attacks obviously highlight the widespread problem with cyber security. We take the security of our consumers' information very seriously and are committed to helping our consumers protect their personal data."
PlayStation Network and Qriocity streaming music service were turned off April 20 in the wake of an "external intrusion," according to Sony spokesman Patrick Seybold.
Sony believed that PlayStation Network, SOE, and Qriocity service users' names, addresses, birthdates, passwords, and email addresses were swiped.
PlayStation Network connected PlayStation 3 (PS3) consoles to online games, films and more.
Players were still able to take part in games offline on consoles, but lost the ability to challenge others on the Internet, stream movies, or get other services.
PlayStation Network launched in November of 2006 and boasts about 77 million registered users worldwide.
Sony did not indicate whether it identified a culprit in the intrusion.Reuse content