As of this writing, it has been 19 days since Sony first took down its Playstation Network due to a security breach and the subsequent compromised user accounts, address, and Credit Card information. Sony had wanted to have part of the Playstation Network back online by May 6th, 2011. Well this did not occur. In the intervening days Sony has also discovered a breach on its Sony Online Entertainment servers as well.
Some additional information has been released regarding the state of security at the time of the breach, and the current status of the relaunch.
According to Beyond3D, Sony was using the latest version of Apache (version 2.2.17) for their web servers. This negates the claim that Sony was using outdated webserver software.
Additionally, many media outlets are now stating that according to Sony, PSN, Qrocity, and SOE will not be back until the end of the month. Well, these ‘outlets' are just spewing FUD. Sony's official statement is they are working around the clock to bring PSN, Qrocity, and SOE services as soon as possible. Also, as stated previously, the desire to bring some PSN services ‘within the week' and ALL services within the month.
The last new item is that Sony is offering identify protection through the ‘AllClear ID Plus' program from Debix, Inc. Sony is offering this to all affected PSN and Qrocity users in the United States. This is definitely a much needed olive branch for Playstation users.
I know that the extended outage upsets many Playstation Network users. But I am taking Sony's side in this case. As stated on the Official Playstation Network Blog “…Our utmost priorities are the security of the network and ensuring your data is safe…”. Sony is learning from the mistakes made before the breach by not having Security be the number one priority. Ensuring data security, as well as personal information, should be the number one priority of any online service.