Sony Comes Clean: PlayStation Network Hackers Have Stolen Personal Data

Illustration for article titled Sony Comes Clean: PlayStation Network Hackers Have Stolen Personal Data

A security breach in the Playstation Network by still unidentified hackers resulted in stolen personal information, Sony confirmed today.


Sony says while personal information was likely stolen they don't believe credit card numbers were and that they hope to have the Playstation Network service back up within a week.

The news comes more than nine days after the intrusion and six days after Sony shut down both the Playstation Network and Qriocity services in reaction to the breach. Sony says they've hired a "recognized security firm" to conduct a complete investigation into what happened and have taken steps to enhance security and strengthen network infrastructure.

"We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network," Patrick Seybold, senior director of corporate communications for Sony Computer Entertainment of America, wrote on the official Playstation Blog today.

Among the possible information stolen:

  • Name
  • Address (city, state, zip)
  • Country
  • Email address
  • Birthdate
  • PlayStation Network/Qriocity password and login and handle/PSN online ID.

"While there is no evidence at this time that credit card data was taken," writes Seybold, "we cannot rule out the possibility."

"If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained," Seybold continues.

Sony is encouraging users to be especially aware of potential phishing scams from people using email, phone calls and mail to try and extract more personal or sensitive information from you. Sony also is strongly recommending that you change you password once you're able to log back into the Playstation Network.


"To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports," Seybold wrote

"We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions."

Illustration for article titled Sony Comes Clean: PlayStation Network Hackers Have Stolen Personal Data

Update on PlayStation Network and Qriocity []

See Also


Despite Reports, No Arrest Yet in Playstation Network Outage

No arrests have been made connected to the Playstation outage, Kotaku has confirmed, despite a story making the rounds that claims FBI and others have issues warrants and made arrests.
Speaking to the FBI this morning, Kotaku confirmed there have been no arrests in the U.S.
The story, which seemed... More »



Sony Says It Didn't Know Severity Of PS3 Breach Until Monday

While Sony discovered that hackers had broken into their Playstation Network on April 19, it wasn't until nearly a week later that the company understood the full scope of the breach, a Sony official tells Kotaku.
The company learned that customer data was stolen on Monday, only after an outside... More »



U.S. Senator Demands Answers From Sony Over PlayStation Network Data Breach

United States senator Richard Blumenthal is hopping mad-or in his words, "troubled"-by the lack of clear and timely communication from Sony over last week's PlayStation Network "intrusion." And he's got the sternly worded letter to prove it.
The attack on Sony's PlayStation Network and... More »



Everything You Need To Know About The PlayStation Network Outage

It has been almost a week since Playstation Network went offline because of an external intrusion.
Since Sony's still relatively quiet on the details of what happened and how it will impact us. More »



PlayStation Network Shoplifting May Have Taken PS3 Offline & Other Less Believable Theories

Why is the PlayStation Network still offline? Sony Computer Entertainment America will only cop to an unnervingly vague "external intrusion on our system," leading those affected by and those taking delight in PSN's problems to generate their own theories about the disruption that's now six days... More »



Sony Doesn't Know Yet If Your Credit Card Number Was Stolen

Sony has not yet determined if the personal information or credit card numbers of users on the still-offline Playstation Network have been stolen, according to a Sony spokesman.
Sony Computer Entertainment is conducting "thorough investigation" into the outage, Satoshi Fukuoka, a spokesman for Sony... More »



Meh, this is the kinda BS Sony should have caught onto sooner.

They should implement a system that prevents non registered systems from accessing the PSN. IE, my PSN account can only be accessed from MY ps3, and any attempt to access it from another console would be blocked. To register a console would require login through a Sony security account and PSN account. For those of you who play MMOs with a security key/token, you might recognize this kind of setup. SquareEnix does this with Final Fantasy XI. It's a bit of a pain in the ass, but I'd rather have added security measures than not.

Thus it wouldn't make a damn difference if somebody got my PSN info because they can't use it unless they seperately hacked another system as well to get both IDs and passwords, and that could take time trying to pair them up. Not to mention if one gets hacked, Sony could say "take the other system down, warn people change their info so if the other system gets hacked, users are a step ahead" Then again, seeing as how it took them almost a week to realize the damage... FAIL.

On that note, between 3 email addresses and an array of passwords, I'm "mostly" unphased, but still bothered, considering the PSN is tied in with my primary email address. Also changed my bank security to warn me if my balance drops below where I normally keep it, so if something ever did go wrong, I'll know pretty quickly.