The PlayStation Network has been down since the middle of last week. The result of the outage, as users were notified on Saturday, was to rebuild the network security in light of an unwanted, external intrusion. Now Sony has come forth and issued an update declaring that personal user information was stolen during the intrusion.
The data includes usernames, passwords, names, birth dates, addresses, purchase history and, Sony warns, potentially credit card information. Here’s how Sony’s putting it…
“…we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained…”
And, concerning credit card data, Sony goes on…
“While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.”
As Sony’s stated leading up to this announcement, they have taken the network down in order to rebuild its structure with a more rigorous effort on security. That does not change the fact that user data has been relinquished, thus likely leading to a large customer backlash.
In the update on PlayStation.Blog, Sony indicates that they should be finished with their work on the PSN and have it back online within the week. They also give some websites and contact information for credit reports and identity fraud protection. What they have not indicated is what they plan to do for the customers that have been affected by this attack as a result of their previously, apparently, lacking network security.
For those that have lost personal information and are subject to identity theft and credit fraud, the news that the PSN will be up by the week’s conclusion is likely less than warming. As more develops with this incident, we’ll be on it.