Login | Signup

WARNING: Sony Believes That Your Personal Details & Billing Information Has Been Compromised! [UPDATE]

Jonathan Lester
Games news, Hackers, PSN, PSNgate, Sony, Warning

WARNING: Sony Believes That Your Personal Details & Billing Information Has Been Compromised! [UPDATE]

Stop the presses.

Sony has confirmed that the mastermind behind the recent "external intrusions" into the Playstation Network has likely obtained the identity, personal information,account security questions of every PSN user... and possibly your credit card details.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained.

If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. - Corporate Communications Exec Patrick Seybold on the Playstation Blog

Sony has urged PSN customers to remain vigilant and to check their associated credit cards and bank accounts to monitor for suspicious transactions. At least they've shed some light on the situation, but this could be an absolute distaster for consumer confidence.

This attack is believed to have been facilitated by the Rebug custom firmware that hit the internet just before PSN was taken offline.

And now for the good news: Sony also believes that PSN will be up and running within the week. Here's hoping!

UPDATE: The Information Commissioner's Office has confirmed that it will formally investigate Sony's handling of the situation - with a view to taking action if their data security doesn't comply with UK law. More details below.

A spokesman for the ICO (not to be confused with Team Ico!) confirmed to EG that they will be investigating both the hacker responsible and whether Sony's security and handling of sensitive information was unlawfully negligent.

The Information Commissioner's Office takes data protection breaches extremely seriously.

Any business or organisation that is processing personal information in the UK must ensure they comply with the law, including the need to keep data secure.

We have recently been informed of an incident which appears to involve Sony. We are contacting Sony and will be making further enquiries to establish the precise nature of the incident before deciding what action, if any, needs to be taken by this office.

We'll keep you posted with further updates.

Add a comment 1 comment
ODB  Apr. 27, 2011 at 11:18

A week near enough to admit details have been taken...possibly including card details

I don't see any way back for Sony's PR here...They obvo knew this when they took it offline, they should have told everyone immediately it was a possibility...a week is a long time for someone to be holding your card details

I genuinely hope no one has anything taken here (inc myself!) but this is a huge fail on Sony's part. Yeah hackers did it etc but Sony alowed the back door which is bad enough but the real issue is holding this for a week, if they had told us straight away then it would give people more confidence. Even worse is I found this out by watching the news. Why haven't Sony emailed everyone individually? Nothing to any of my accounts. They are trying to look good in the media alone...no care about the individual consumer, just the comapny image and profits

Email Address:

You don't need an account to comment. Just enter your email address. We'll keep it private.