The PlayStation Network and Qriocity have now been down for a week, since last Wednesday, and Sony has since claimed an “external intrusion” sometime between April 17th and 19th was responsible, an attack that prompted them to turn off the services to prevent further attacks. The group ‘Anonymous’ has been widely held as the party responsible, but they’ve been quick to emphasize it wasn’t them, instead paradoxically, Sony themselves.
While Sony had been trying to assure its PSN and Qriocity members that their data and personal details, which include credit card information, was safe, it has now admitted that the networks have been hacked, and that data belonging to 77 million account holders has been stolen by an “unauthorized person.”
Announcing the sad news on its blog yesterday, Sony says the stolen information includes everything from login and password credentials, e-mail and home addresses, to names and birth dates. User purchase history and credit card details might be part of the loot as well. Sub-accounts of dependents have been hacked too. Patrick Seybold, the voice of the PlayStation Blog, wrote:
“While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.”
The blog post, which has also been e-mailed to all account holders, also states that “some services” will be restored soon – within a week. When they are, Sony urges users to change their login and password details as soon as possible.
[RELATED_ARTICLE]Sony has obviously taken the attack and its fallout extremely seriously, and its team is working hard to rebuild the entire system into a much stronger and more secure one, and instead of working on a quick fix patch, are looking to implement a long-term solution. A reputed security firm has also apparently been hired to look into the entire episode.
Seybold further warned users to be careful of any attempts to glean more information from them:
“Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.”
For now, Sony has provided affected users free access to a fraud alert from three credit monitoring bureaus. Users and governmental agencies however, are quite unhappy with the way Sony has handled the entire situation, finding it troubling that Sony took nearly a week to inform users about the possibility of data theft, instead of warning them on Day One to secure their PSN and Qriocity related assets.