Tuesday, April 26, 2011
PlayStation Network Hack Leaves Credit Card Info at Risk
:Sony thinks an “unauthorized person” now has access to all PlayStation Network account information and passwords, and may have obtained users’ credit card numbers.
The PlayStation maker said it believes hackers now have access to customers’ vital information, including names, birthdates, physical and e-mail addresses, and PlayStation Network/Qriocity passwords, logins, handles and online IDs.
Credit card information, purchase histories and other profile data stored on the PlayStation Network servers also could be compromised, the Japanese company said in a lengthy blog post Tuesday afternoon.
“While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility,” reads the post, which Sony says it will e-mail to all PlayStation Network account holders, as well as users of its Qriocity streaming-media service. “If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.”
The PlayStation Network, which provides online gameplay and digital game shopping for more than 70 million owners of PlayStation 3 and PSP devices, has been down since Wednesday, following what Sony called an “illegal intrusion” on its servers. The company says it expects to restore “some services” within a week’s time.
Sony said it has temporarily shut down the PlayStation Network and Qriocity services and hired an outside security firm “to conduct a full and complete investigation into what happened.”
In a letter to Sony, Sen. Richard Blumenthal called for the company to provide users of the networks with free financial data-security services, including two years of credit-reporting services.
“When a data breach occurs, it is essential that customers be immediately notified about whether and to what extent their personal and financial information has been compromised,” Blumenthal wrote Tuesday, dinging Sony for what he labeled a “troubling lack of notification from Sony about the nature of the data breach”
“Although the breach occurred nearly a week ago, Sony has not notified customers of the intrusion, or provided information that is vital to allowing individuals to protect themselves from identity theft, such as informing users whether their personal or financial information may have been compromised,” he wrote" Read Full Article: - via wired