Fury as Sony takes a week to admit credit-card hack

26 Apr 2011
Credit cards

PlayStation Network users warned that credit-card details may have been stolen

PlayStation users have reacted furiously, after Sony admitted customers' credit-card details may have been stolen in a hack attack.

The PlayStation Network - the console's online gaming service - has been down for the best part of the week as Sony battled with an unidentified security issue.

The company tonight broke its silence, admitting that customers' personal details - and possibly their credit-card data - have been stolen.

While there is no evidence at this time that credit-card data was taken, we cannot rule out the possibility

"We have discovered that between 17 April and 19 April 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorised intrusion into our network," the company announced on the PlayStation Blog.

"Although we are still investigating the details of this incident, we believe that an unauthorised person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID.

"It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained."

Sony also concedes that payment data may have been compromised. "While there is no evidence at this time that credit-card data was taken, we cannot rule out the possibility," the company said. "If you have provided your credit-card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained."

Users' anger

Many customers are angry that Sony has taken so long to admit to the scale of the problem. "Not thrilled that Sony waited a week to mentioned that personal info may have been stolen," said Twitter user @MrPsycohed.

"Wow! Personal details stolen, and possibly credit card details too. And Sony took a week to tell everyone," added @RandomStanYau

"So tempted to trade in my PS3," said @thisisnath. "You messed up big time Sony."

Customer advice

Sony has stopped short of advising customers to cancel their credit cards, but is warning users to keep a close eye on their financial affairs. "To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports," the company states.

It's also warning users of the potential of secondary attacks. "If you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them," Sony adds.

Ironically, Sony is advising customers to change their PlayStation Network logins and passwords - although the service isn't yet back up and running.

Read more

News