Following six days of PlayStation Network and Qriocity outages, Sony has finally admitted that it is due to a "malicious hack". In a blog released on the Sony PlayStation site yesterday, Nick Caplin, Head of Communications, wrote that they were still trying to resolve the outage but were also actively emailing all their users to warn them of the breach.
Sony believes that an "unauthorised person" has obtained users postal address, name, email, date of birth and logins and passwords. It is also possible they have additional profile data "including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained." Sony also admits that "While there is no evidence that credit card data was taken at this time, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may also have been obtained."
The PlayStation network has 70 million users worldwide making the potential implications of this breach massive.
Sony has warned users "to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information".
Many users are complaining that it has taken Sony almost 7 days to alert them to the fact that credit card details may have been taken. Sony have defended this by saying that "we learned there was an intrusion [on] 19 April and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident,"
"It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon."
The whole incident is a PR disaster for Sony at a time when they are launching two new tablets to rival Apple's iPad. The true extent of the damage will only be found out over the coming weeks as the world sees what information is being used maliciously from the hack.
Return to security news headlines
View Security News Archive