The personal information from 24.6 million Sony Online Entertainment accounts has been compromised in addition to those affected in the PlayStation Network cyber attacks, Sony and SOE have discovered.
According to a statement released by the EverQuest developer, this SOE-specific data breach was "discovered less than 24 hours ago," prompting the interruption of services early Monday morning.
Personal information from approximately 24.6 million SOE accounts "may have been stolen," which would include a customer's provided name, address, email address, gender, birthdate, phone number, login name and (hashed) password.
Additionally, credit card information from an "outdated database" from 2007 "may" have been stolen, which contains the credit card numbers and expiration dates of approximately 12,700 non-U.S. credit cards, as well as about 10,700 direct debit records of customers from Austria, Germany, Spain and the Netherlands.
According to the company, there is "no evidence" that its main credit card database had been compromised.
The attack took place on April 16th and 17th, though it was not discovered until yesterday. A spokesman speaking to Reuters said that this was not "a second attack," and is directly related to the PSN breach.