Sony Comments On the PSN Outage
by TheOtherRainMan, HSM team writer
Sony representative Patrick Seybold confirmed today that personal information has possibly been compromised in the “external intrusion” that occurred between April 17th and 19th. Among the information includes:
- Name
- Address (City, State, Zip)
- Country
- Birthdate
- PSN/Qriocity Login Info
- PSN handle
- Password Security Answers
While there is no evidence stating that credit card information was taken, Sony is not ruling out that this info was stolen as well.
As a result of this, Sony shut down both Qriocity and the PSN services and have taken precautions in order to ensure “greater protection of your personal information.” Sony expects certain services to be up and running within a week. The full statement is below.
Valued PlayStation Network/Qriocity Customer:
We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:
- Temporarily turned off PlayStation Network and Qriocity services;
- Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
- Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.
We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.
To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:
U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.
We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.
Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheftor reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.
We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669should you have any additional questions.
Sincerely,
Sony Computer Entertainment and Sony Network Entertainment
April 27th, 2011 by TheOtherRainMan | 12 comments
TheOtherRainMan, a.k.a. Rain, is a budding filmmaker, cinema lover and video game enthusiast ever since the PS1 days. When he is not fighting off his girlfriend's evil-exes, traversing The Grid, working for the Pawnee Parks and Recreation Department, or simply soaking in the latest terrible thriller, he spends his time on Home. He is currently a team writer and videographer for HomeStation Magazine. He is also pursuing a BA degree in Radio-TV-Film at Rowan University.
He can be contacted at rainman@hsmagazine.net
I always advise buying PSN cards vs using a credit card. Loosing up to $50 sucks, but its much less of a hassle and nightmare to have your credit card account hacked and your information stolen.
I can’t help but think the verification method Sony used on the PSN to prove you are you was your birth date. Now that’s gone… they are going to need something else. I also wish there was a way to find out what my security questions were, because that information was compromised too. We should be able to trust Sony with our information.
This is a mess.
Just a bit of advice -- don’t contact all three credit reporting companies all at once. Just choose one.
You are allowed to check your score for free, but only ONCE A YEAR. Pulling all three does have an effect on your score, so just choose one.
If you don’t have ready access to PSN cards another solution is to add your info, use it, then immediately delete the info from your PSN acct each time. I htink this is wise in any case.
Sounds like a hassle. I agree it’s worth the hassle but if our information can’t be kept safe, it needs to not be taken, IMO.
through all this im woundering one thing.how is it that sony has managed to keep this out of the main stream media. and how could one of the worlds largest electronics companys allow it self to be hacked.
I’m expecting a class-action law suit to come out of this. The information this person, or persons, have is enough to cause havoc in someone life. I contacted my account providers and added additional levels of security on my information because of this happening. I can’t help but think about the various accounts we all have out there with our personal information and the companies we trust. How many of us will trust Sony after this?
i think u shud ask how can u trust any company at all anymore? my bank has been hacked and we all had to get new bank cards.. trust me, its not just sony..and now theyre takin six weeks to make sure it doesnt happen again thats gotta inspire you with some trust.. besides, most credit cards have auto fraud protection which means if you dispute the charges, youre not charged.. i think ppl need to just relax or never use any web based, electronic systems to buy things if they dont consider that this may happen anywhere.. its a sad fact of life some ppl will always try to steal .. at least sony is responding they best way the can..
I don’t fill out all the info on my psn account. The only thing I fill out my address. It’s against the rules to put in false information. Which I could heed but now I wonder how I keep myself safe. There are a lot of creeps out there that do this sort of thing, but I have no worries as of where I’m at. It’s too secure around here. On another note, I’m glad that I only put in my name halfway. But that can still breach my security. I’m not worried about this issue anyway.
I think everyone has the right to worry, but I wouldn’t get all bent out of shape because of this breach. Government agents are going to chase them like a rabbit on a dog track. It’s one of those things where they get caught and more come. They scatter. lol! I think they’re more afraid of us then we are of them. Let’s keep our head up and strive to hinder their crap.
Government agents may well be on their trail but if the person or persons responsible happen to live in say North Korea,do you really think anything can be done against them?
UPDATE
It is believed that the hackers got up to 2.2 million credit cards and that they may be on the black market.
http://www.escapistmagazine.com/news/view/109661-Hackers-Offer-PSN-Credit-Cards-For-Sale
It’s a shame ! My ID have been stolen and i can t do anything ! I ll never give my credit card again !