Something which is hard for me to be sarcastic about: Sony’s Playstation Network database has been hacked into, and the personal information stored therein has been stolen. Well, fuck.
According to Sony’s official statement on the matter, if you have a PSN account, then guess what the hackers have?
- Your name
- Your address (city, state, and zip)
- Your country
- Your e-mail address
- Your birthday
- Your PSN password and login name
- Your security question and answer
These might seem like relatively benign data points after you simply change your passwords (which you absolutely should if you use the same one in multiple places), but if a small amount of ingenuity and hacking expertise are applied, then this data is sufficient to get to work on stealing an identity. Better yet: millions of identities.
Even better yet: Sony can’t rule out that credit card information was also stolen…
The most immediate question, of course, is whether the credit information is safe. Sony, in an FAQ which is very much worth reading, says this:
“While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system.”
Potentially reassuring. However, some PSN users do claim to having had their bank accounts compromised. It would be prudent to keep an eye on your funds, though it would be premature to cancel all your cards this very instant. The FAQ and official statement I linked contain plenty of information on what precautions PSN users can take.
So, what does this mean for Sony? What started as a fluff piece in the local newspaper’s tech section has rocketed into the hacker history books, which will no doubt cause major PR issues for Sony and the Playstation brand in particular. There’s already at least one lawsuit! I’m a PSN customer myself, and while I certainly feel that Sony deserves their share of the blame, I don’t see anyone remembering to call the hackers terrible people. Personally, I’d prefer to see the criminals brought to justice than to see Sony get their pants sued away. Though I’d settle for both.
Well… good luck!