Your personal details and possibly even your credit card number may be in the hands of hackers.
Update: An FAQ
posted on the official PlayStation website offers up a few new details. It says the intrusion was discovered "between April 17 and April 19" and the "correct course of action" regarding refunds will be decided upon once PSN is back online. It also acknowledged the Sony Online Entertainment service was unavailable at one point "due to an external attack;" in the meantime "a thorough investigation is ongoing." It's not clear if the attack on SOE -- which operates DC Universe Online, Free Realms, and Everquest, among other games -- was related, though it believes no personal information was stolen as a result.
Original Story:After nearly a week of downtime for the PlayStation Network, Sony announced today some alarming news: It believes users' personal information -- including name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and PSN online ID -- has been obtained by an "unauthorized person."
Sony's Patrick Seybold authored an update on the PlayStation Blog today stating, "We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week." Note that he said "some services," so not everything will be back to normal by then.
But much more importantly he brought along an alert being issued to all PlayStation Network members. Anyone with a registered account should soon be receiving the notification below by email. The important part: The aforementioned data could be in the hands of hackers. Credit card data -- excluding security code, so just the credit card number itself and the expiration date -- may have been stolen, although there is currently no evidence to suggest that is the case. Sony notes that it is, however, a possibility.
The email outlines the steps Sony has taken since the intrusion took place:
Temporarily turned off PlayStation Network and Qriocity services;
Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.
Sony is advising PSN members to be wary of scams or requests for your personal information -- Sony itself will not ask you for your credit card number, social security number, or anything of the sort. It's also recommending you keep a close eye on account statements and look into getting a free credit report and/or placing a fraud alert on your file. Details on how to do this are contained in the email (located in its entirety below).
There had been some concern that personal data, including credit card numbers, may have been compromised as a part of the attack last week. It's frustrating that it's taken this long to get PSN back online, not to mention how long it's taken for Sony to alert the public of this hazard.
Sony's full email can be read at the PlayStation Blog