this morning's news that Sony Online Entertainment servers were offline across the board, SOE announced that it has lost 12,700 customer credit card numbers as the result of an attack, and roughly 24.6 million accounts may have been breached.
The company took SOE servers offline after learning of the attack last evening, and today detailed the unfortunate results: "approximately 12,700 non-US credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, the Netherlands, and Spain" were lost, apparently from "an outdated database from 2007." Of the 12,700 total, 4,300 are alleged to be from Japan, while the remainder come from the aforementioned four European countries.
Furthermore, Sony ties today's announcement directly to the recent attacks on PlayStation Network and Qriocity, and says SOE customer information was stolen on either April 16 or April 17. Sony has repeatedly stated that its PSN servers and SOE servers are not part of the same network, so it remains unclear just how these two attacks are tied together. Head past the break for the full statement from Sony.
Update, 9:03PM EST: SOE has provided us with the following statement, in which it confirms that its user data was stolen as part of the original intrusion -- not a second attack. "While the two systems are distinct and operated separately, given that they are both under the SONY umbrella, there is some degree of architecture that overlaps. The intrusions were similar in nature. This is NOT a second attack; new information has been discovered as part of our ongoing investigation of the external intrusion in April."
Update, 3:45PM EST on 5/3/11: SOE has told GamesIndustry.biz that, of the 12,700 stolen cards, just 900 were still active.