Sony PlayStation Network Update - Not Good News (Updated)
By Ian White
Big Picture Big Sound has been following the PlayStation Network situation for the past week, and Sony just released an update that users should pay immediate attention to (even though they can't access their accounts still to change passwords) because it involves their personal information stored on the PSN. Based on information released by Sony this afternoon, the "external intrusion" (fancy phrase for being hacked) gave culprits far deeper access than anyone thought initially including "a compromise of personal information."
Sony isn't being specific, and they have not publicly stated that credit card data for PSN or Qriocity users has been compromised, but the company did state that "your credit card number (excluding security code) and expiration date may have been obtained."
We are not sure what's more frightening; the fact that credit card info was possibly hacked, or that Sony isn't quite sure of the answer. With more than 70+ million users, Sony is going to be under the gun to provide some answers and solutions if they want to minimize the damage.
Sony has also not given a date for the PSN to be back online, which is obviously far less of a concern to users at this hour -- we're not sure what being granted access at this point would mean to most people as the hackers have had days to copy sensitive personal information.
Sony UK chimed in this afternoon and the details are somewhat confusing because the last item on the list of exposed data doesn't confirm/deny that credit card information was accessed.
According to Sony UK, the following information was exposed:
- Shipping address
- Billing address
- E-mail address
- PSN/Qriocity ID
- PSN/Qriocity password
- PSN/Qriocity security question and answer
- Purchase history
The last four items on the list if used could certainly give an outside source access to sensitive credit card information, but until users see any illegal charges on their cards, it is going to be a nervous waiting game for all involved -- for most people the inconvenience of having to cancel cards will almost be mandatory, although Sony must be wondering how many PSN users will have second thoughts about using the network going forward if their information could be hacked.
Sony tried to put on a brave face yesterday when it announced that it would be launching two new Android-based tablets, but that product announcement was completely overshadowed by the breaking news about the PSN intrusion.
More than a week has passed and Sony PSN users are still waiting for limited access; something that Sony execs promised over the weekend, but now a second breach is being reported and is seriously calling into question Sony's security (or lack of it) on their entertainment sites.
According to a report in the Wall Street Journal
, hackers have breached a second online service giving them access to more than 24.6 million additional customer accounts.
Sony Online Entertainment said on Monday that it was forced to shut down its services amid fears that the culprits may have accessed users' personal information; including as many as 12,700 non-U.S. credit card accounts and 10,700 bank account numbers for an "outdated database from 2007."
Rumors have been circulating on the web that the hackers tried to sell back the stolen credit card information from the first intrusion of the PSN, but Sony's U.S. division said that those reports were untrue.