Sony has finally openly stated its reason for closing the Playstation Network (PSN). The network was hacked and any personal data entered by players may have fallen into the hands of cybercriminals.
Basically, any data players submitted to PSN or Qriocity may have been taken. This includes credit card numbers and expiration dates; Purchasing and billing history; as well as names, addresses, phone numbers, and login information.
Sony states the infiltration took place between April 17 and April 19. In addition to closing down PSN and Qriocity temporarily, Sony has hired an outside investigative firm and is currently rebuilding their system with better security.
They go on to give tips to PSN and Qriocity users on avoiding identity theft (which I’ll paste at the bottom of this article.)
It’s interesting Sony waited this long (nearly a week) to reveal that credit card information was taken along with nearly anything else a cybercriminal could dream of. Sony posted a separate message clarifying this, however.
They state “There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised.”
Sony apparently learned of the intrusion on April 19, but only yesterday did their hired security experts “understand the scope of the breach.”
This is just speculation, but from the looks of things, I suspect a member of Anonymous Operations had hacked Sony looking for incriminating data. Sony then saw the breach and closed their networks down, as it does contain vital user information.
Digital security company Sophos posted some useful tips for users, which you can find
. Go to the bottom where they have tips on what to do if your email, financial data, or account was hacked. Below is the security information from Sony, including numbers and services:
To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:
U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.
We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.
Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.
We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions.
Sony Computer Entertainment and Sony Network Entertainment
Photo Credit: By Michel Ngilen from Des Moines, United States (Playstation 3) [CC-BY-2.0 (www.creativecommons.org/licenses/by/2.0)], via Wikimedia Commons.
* Correction: Although user data was compromised and its contents were visible to the Playstation Network intruder, it is possible the data was not actually stolen.