Sony says PlayStation users' data protected, but take precautions anyway
Hack that affected 77 million users of the company's online game network still being investigated
- By Chris Paoli
- Apr 28, 2011
Sony has released new information about the recent hack that netted personal data on more than 77 million PlayStation Network users, reassuring users that their credit card information was protected and saying it is helping law enforcement agencies with an investigation.
In a question-and-answer format on the company’s blog, Sony says users’ credit card information was encrypted and that there is no evidence that the information was taken. However, the blog post said it is still possible the information was taken, and advices users to beware of calls or e-mails asking for identifiable information, saying Sony would not be making those requests, and to change any password that is the same used for the PlayStation Network.
Ars Technica reports that some of its readers have reported recent credit card fraud attempts and suspect, though cannot prove, that they started with the Sony hack.
And a class action lawsuit has been filed against Sony because of the breach.
Sony's PlayStation Network is the company's component to its Playstation 3 and Playstation Portable gaming consoles that provides online gaming, browsing and marketplace purchases of games, movies and music. Pulling the plug on this service has also halted access to third-party services such as Netflix, Hulu Plus, NHL GameCenter Live, MLB.TV and Qriocity. The outage and compromise of data, which is in its sixth day, has affected an estimated 77 million users worldwide.
Since learning of the situation, Sony said it has employed the help of an undisclosed security firm to lead in the investigation as it works around the clock to rebuild its online system.
The breach occurred between April 17 and 19, and the relative lack of news and information from the company in the immediate aftermath led to the rumor that the hacker group Anonymous was responsible for the attack. However, the group has denied the allegations and stated on their Web site that "For once we didn't do it."
As for how long the outage will continue, the company has not set a timetable. It expects to have limited functionality up and running within the next week.