Warning to all those with a Playstation and used PSN...

[SUIYHP]

Currently released on the BBC
"http://www.bbc.co.uk/news/technology-13192359

Sony has warned users of its PlayStation Network that their personal information, including credit card details, may have been stolen.

The company said that the data might have fallen into the hands of an "unauthorised person" following a hacking attack on its online service.

Access to the network was suspended last Wednesday, but Sony has only now revealed details of what happened.

Users are being warned to look out for attempted telephone and e-mail scams.

In a statement posted on the official PlayStation blog, Nick Caplin, the company's head of communications for Europe, said: "We have discovered that between April 17 and April 19 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network".

The blog posting lists the personal information that Sony believes has been taken.

Name
Address (city, state/province, zip or postal code)
Country
E-mail address
Date of birth
PlayStation Network/Qriocity passwords and login
Handle/PSN online ID
Mr Caplin added: "It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained.

"For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information."

Credit cards
Sony admitted that credit card information, used to purchase games, films and music, may also have been stolen.

"While there is no evidence that credit card data was taken at this time, we cannot rule out the possibility," Mr Caplin said.

"If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may also have been obtained."

Sony has not given any indication of how many PlayStation Network users may have had their information taken, but the service has around 70 million members worldwide.

'PR Disaster'
The theft of so much detailed customer data would be seen as a "public relations disaster", according to Graham Cluley, senior technology consultant at security firm Sophos.

"This is a big one," he told BBC News.

"The PlayStation Network is a real consumer product. It is in lots of homes all over the world.

"The impact of this could be much greater than your typical internet hack."

Mr Cluley warned that, even without credit card details, the information taken was enough to help criminals carry out further attacks on other services.

"Some people will use the same passwords on other sites. If I was a hacker right now, I would be taking those e-mail addresses and trying those passwords," he said.

User anger

Some streaming media services available on PlayStation have been affected by the outage
PlayStation users got their first indication that something was wrong with the service when it became unavailable on Wednesday 20 April.

In the following days, Sony issued three brief statements asking users to be patient while it investigated an "external intrusion", or hack.

However, the fact that it took almost seven days for the company to reveal that data had been taken has angered some gamers.

Commenting on the Sony blog, Tacotaskforce wrote: "You waited a week to tell us our personal information was compromised? That should have been said last Thursday."

Another user Sid4peeps wrote: "This update is about 6 days late. I think it is time to move to the other network, no regard for customers here."

But some PlayStation users appeared to be happy with Sony's handling of the matter. Ejsponge61 commented: "Wow, this is alot of info. Thanks, this is very much appreciated by all of us PlayStation fans."

The Sony PlayStation Network remains unavailable to users. The company has not said when service will be restored.

Do you use the PlayStation network ? Do you believe you may have been one of those potentially hacked? Send us your comments and experiences.

Just to warn all of the people who have had to buy things for their kiddies, it shouldn't bother most of you lot but I will need some help on this. Hopefully some of the older generation can give some nice advice on financial security, the hackers can have my old email, I never use it anymore regardless, but I think I am safe on that front, because my PSN password is completely different to any other password that I use.

but I am concerned about my own personal information and the potential credit details. I used my bank card for the network (Bad move I know) But the fact the security number apparently not has been taken is a good sign that money won't be stolen.

What should my plan of action be? Help would be much appreciated

 

[The_Viper]

the security code (the last 3 digits on the back of your card) is never saved, not on any credit card system - ever

All credit cards are insured against fraud such as this - so even if someone did get your full credit card details, once you notice the transactions, you call up the credit card company and they give you the money back. Note, debit cards are as well - but it takes longer to process as they investigate how your account was compromised (it's not insurance here, so the banks investigate further as it's their money - not their underwriting insurances money - that they refund you with)

Seriously, it's a massive pain in the arse that PSN is down, but I've read about some mugs going and buying a 360 because they can't play on CoD for a few days lmao.

 

[SUIYHP]

I'll be frank, Call of Duty is the least of my problems.

But is it a lot to get worked up about? or as long as the security number is safe I shouldn't be in too much trouble? I was kinda hoping to do a panic withdrawal from the bank to save at least a fraction of my money

 

[The_Viper]

Personally I wouldn't worry too much, I'd keep an eye on things over the next few days etc, but don't get too worried, espcially if it's visa. I'd be more worried if you had a universal password, then you could be in trouble,

 

[SUIYHP]

That's good, thanks for the heads up, but I'm probably going to change my debit card as soon as possible though, just to be better safe than sorry. And thankfully I am using Visa.

Only virgin mastercard for internet use from now on I think...

 

[The_Viper]

Haha, I get a new one in June, but I'm going to go down tomorrow to cancel it just to be safe as well, I would if I was you it's just not worth the risk over something as expendable as a card. It's a fluke thing that although every xbox fanboy person is loving, it could happen to anyone, it's just a shitter it happened over the holidays haha. In other news, Mortal Kombat should finally arrive tomorrow

 

[magoo]

I never put my card details in over the PSN as i never trusted it.

 

[Jello]

Wondered when a thread on this would start, guess the PS3 fan-boys didn't want to admit that not paying for online gives you a cheap service.
*cuePS3Xboxbinfest* I've got both but never use PS3 online and have never entered any card details.

 

[magoo]

It could just as easily have happened to Microsoft I'm sure...

 

[Zamora For England]

Sky News article - at the start: "PSN hackers have accessed around 77m users' account details"

End of article: "PSN has around 77m users"

 

[Igor Gurinovich?]

I dont see how you can judge that because its free PSN is a 'cheap service' any more than the paid for XBL or anything else.. Facebook is free to use, is that a cheap service where i should expect all my details stolen at a moments notice (possibly)..
Until we know how (if we ever will) the hack took place i'd look carefully at all of my online transactions. If its PSN today, you can be sure it'll be XBL etc tomorrow..

 

[Gary Leeds]

One thing the recent hacks to the PS3 firmware has proved is Sony send your credit card details unencrypted every time you log onto the PSN. Their security has been awful on PSN and yes I agree with the people interviewed that as this was known nearly a week ago why has it taken this long to warn its members over the leak? And as for storing passwords as plain text that can be hacked, that is just plain stupid. Even basic free forum software encrypts the passwords and stores it as a random looking string of numbers that cannot be reversed back (well not without knowing the encryption key and then trying millions of combinations).

Sony have messed up big time here and will take a long time for consumers to trust their service again