Sony Admits Personal Info at Risk, Claims PSN Back Up In a Week

By Evan Narcisse | April 26, 2011 | +

It’s been six days of hell for PS3 owners who’ve been without the use of the console’s PlayStation Network. However, with the latest update on the official Playstation blog, Sony PR rep Patrick Seybold reports that the PSN could be back up inside a week. But don’t celebrate just yet–it appears that things may be worse than first imagined for Sony and PSN members.

That’s because the “intrusion” that prompted Sony to shut down the PSN may have involved identity theft, with homes addresses and credit card information among the data Sony admits could have been stolen.

In the blog post, Sony PR rep Patrick Seybold wrote the following:

…We believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

This sort of security breach is the worst possible scenario for Sony, prompting the company to notify users and encourage PSN account holders to look at bank and credit card statements for unusual activity. Sony’s also warning users to be wary of phishing attempts, advising that no one from Sony will be calling to check personal info.

As bad as it’s been for PS3 owners–myself included, all I want is to play some Mortal Kombat online–PSN members assumed their credit cards and e-mail addresses were safe. This sudden turn of events not only stands to anger even Sony loyalists, it also exposes Sony to legal ramifications. In today’s super-litigious society, it’s only a matter of time before someone files a class-action suit, and Sony’s free PlayStation online service may wind up costing the company a lot more than they bargained for.

@Techland

Latest on Techland

Innovation May 25, 2012

Synchronized Robots Dance to ‘Thriller’

These robots aren’t just some animatronic dance troupe from an amusement park; no, these machines can actually judge if they’re a step or two behind the rest of the dancers and catch up.
From our Partners
HP Layoffs: Company To Cut 27,000 Jobs To Save Up To $3.5 Billion AnnuallyHuffington Post

Has Facebook Ruined Silicon Valley?Slate
Online Dating, Now With A Little Help From Your FriendsHuffington Post
Canada Also Wants Ability To "Eavesdrop" on Internet CommunicationsSlate
HP May 25, 2012

WebOS: Dead? Oh, Sure, Almost Certainly — But Not Definitely

It’s hard to imagine a future for the once-promising operating system. But that doesn’t mean it doesn’t have one.

http://velvetcake.wordpress.com luckyraven

Why the heck did they wait for almost a week to tell us that our personal info was in danger is beyond me. Bad enough that people possibly had their credit/debit card info stolen.
jeffreytz

Agreed, luckyraven, that’s the biggest concern here – who at Sony thought it would be a good idea not to share that info immediately? This could lead to breach notification regulation for online networks that mirrors credit cards.
http://crichton007.wordpress.com crichton007

With the advantage that Microsoft gained over Sony with the Xbox 360 vs PS3 some people thought that this might be the beginning of the end for Sony’s Play Station line. After this it looks like it could be the beginning and the end all rolled into one.
pks29733steel

I agree with all three posters, Sony waited too long to tell the public and the charge companies. And with this Sony might be losing it’s grasp on the gaming public!!
hampster

Crichton007 your post makes a very large assumption; That Microsoft ever had a large enough market share to actually completely end Sony’s PS3 line. Allow me to shed light on this for you. It Doesn’t. Look up the numbers, both companies have a fairly large chunk of the market and as a PS3 user, I can tell you that this doesn’t make me want to use Microsoft’s product.

The issue at hand is how soon they told us that things were vulnerable. Lets be clear here, the information is vulnerable, not taken. Sony has said it is possible and they are looking into it. They could have said nothing until they knew for sure, but Sony did let the public know, which is mitigating, if not making up for the delay entirely.

I think we should all keep in mind who the chump is here; The hacker who created the breach and took the information.
spookiewriter

You know what the worst part is the F$%#^&*g Shisthed dickwad incrdibly arrogant M%THURF%^KR hacker douches who carried this attack out.
You know what, if you hate a service, site, page, person, theme color or any other part of some network then ignore it.
These narcissistic, poster children for late term abortion hacker groups, both “black” and “White” are just 3 year old spoiled little brats who didn’t get enough love or hugs from their Mommies.
These idiots aren’t even smart enough to see they are doing their own version of Iraq. The hackers decided to show the world how bad Sony is. But have only pissed off the little people.
Nobody is forced to use PSN.
http://s3v3r14n.wordpress.com s3v3r14n

hamspter – actually the Sony post says this “we believe that an unauthorized person has obtained the following information…” i.e. they believe the data has been taken, not that it is vulnerable.
There is indeed an issue with how soon they informed us that the data has been taken, but that is not the major issue. The admission that there is even a possibility that customer passwords, credit card no’s etc oould have been compromised on a significant scale (even if they haven’t) implies that Sony have been storing these details without encryption or other appropriate security, which is appauling for any online entity.
If true, I’m afraid this very much makes Sony the chump (although I’m not too chuffed with the hacker either).
http://dahitman.wordpress.com dahitman

Not good enough from Sony. There are 70 million people in the world who could have had personal information taken. The attackers (most likely the group ‘anonymous’) are a bunch of f*cking c**nt bastards. George Hotz and Anonymous should f*cking grow up and leave the gamers who are just trying to have some fun alone.
http://sonysucks.wordpress.com sonysucks

WAKE UP SONY players there should be a protest by the customers of SONY for them lying to us about our credit card information not being vonerable!! You lying sacks of s&%^. They care nothing about their CUSTOMERS! All SONY cares about is just how much money you can give them! I’m calling for a user WALK OUT on the PSN for the week if ever they get their PSN up again join me and let SONY know its NOT OK to LIE to your customers when their information has been hacked into! I just took back my brand new PS3 because SONY Entertainment Group has proven to be an UN TRUST WORTHY company. PS, not the first time SONY has lied to you about being HACKED. WE DON’T TREAT CUSTOMERS LIKE THAT HERE IN AMERICA! California state law required SONY to notify its customers about their personal information being vonerable and yet they didn’t do it. They should definetly receive a fine for this mess. WHY ARE THE REPORTERS NOT TALKING ABOUT HOW SONY LIED & LEFT THEIR CUSTOMERS VONERABLE FOR SO LONG. WHY DID THEY LIE IN THE FIRST PLACE!
dcuatl

A rough way for Sony (basically a packaged goods manufacturer) to learn about the risks of the service industry. There are so many organizations doing things right that these mistakes are inexcusable.

I think the real damage comes later, when they try to launch the next generation entertainment system. I admit that I’ll have second thoughts about purchasing a networked Sony device.
diedeathdead

Hold on, “sonysucks”. Before you start some kind of inappropriate boycott, think of the facts. The reason SONY shut down the PSN was to ensure the safety of both the Users and the Servers. Though it seems as though their actions may have been a bit strange, albeit irresponsible, we must see it from their side as well. We’re a Multi-billion dollar network.. Our information is up as well, How many people are actually dumb enough to steal over a thousand TRACEABLE credit cards, over the single-filed credit information of a billion dollar company. While our information is up there, so is theirs, which is probably what they were a bit nervous about. It’s best that they told us when they did, because then the hacker may have had direct access to our credit cards because we would all sign on at once to retract our accounts.
They told us when it was confirmed that they were able to get a few, but quite honestly, there is nothing you can do with a credit card that isn’t traceable.. this is some kind of scare, or a statement to SONY, but this is also their chance to step their game up. Let’s be serious for a minute.
http://damhackers.wordpress.com damhackers

will you dam hackers leave the psn alone. you r making a big deal over nothing. you guys are just fu$%ing with everybody and you think its funny well its not so stop fuc#ing things up for everybody that wants to have fun.
gameman0525

As a PSN user, I believe we should’ve been informed sooner. However, they were trying to be sure first. I just want it to be back up already. COD4s a-waitin
gameman0525

and sonysucks please just shut the F*** up and go back to your XBOX360