Sony’s PlayStation Network was effectively shut off by the company itself last Wednesday following what it claims was an “external intrusion” which compromised the infrastructure that powers the PlayStation 3s online offerings. Minor details have surfaced here and there since the initial outage, with the most worrisome coming out today: users’ private information – from personal details to credit card numbers – may have leaked.
SCEAs Patrick Seybold confirmed on Tuesday that the company believes myriad personal information of both Qricity and PlayStation Network members has been illegally obtained due to the “illegal intrusion” that lead up to the suspension of both services last week.
From the Official U.S. PlayStation Blog:
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained.
Part of a form letter being sent out to subscribers and account holders, the message also doesn’t rule out the possibility that credit card numbers were among the info compromised.
“While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility,” read the warning. “If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.”
In the wake of this worrisome news, some have criticized Sony’s delay on informing its customers their credit card information may now be in the hands on criminals. Tomorrow will mark the seventh day of the PSN outage, yet over Easter weekend gamers feared the implications of such an attack. Now, some insiders are foreseeing possible class-action suits targeting Sony.
Just after the shutdown when little was known as to its scope and severity, the initial consensus was that the culprit was online hacktivist Anonymous…again. The group promptly released a statement saying a new attack on the PSN was not sanctioned, though offered the caveat that stragglers within the group could have pulled it off without the collective’s blessing.
As always, we’ll continue to follow this story and bring substantive updates as they emerge.