Please see below for an official statement from Sony on the situation regarding the PSN. This has been copied in whole as to not miss out any important information.
“Thank you for your patience while we work to resolve the current outage of PlayStation Network & Qriocity services. We are currently working to send a similar message to the one below via email to all of our registered account holders regarding a compromise of personal information as a result of an illegal intrusion on our systems. These malicious actions have also had an impact on your ability to enjoy the services provided by PlayStation Network and Qriocity including online gaming and online access to music, movies, sports and TV shows. We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week.
We’re working day and night to ensure it is done as quickly as possible. We appreciate your patience and feedback.
Valued PlayStation Network/Qriocity Customer:
We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:
- Temporarily turned off PlayStation Network and Qriocity services;
- Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
- Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.
We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.
To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:
U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.
We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.
Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; orwww.oag.state.md.us.
We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions.
Sincerely,
Sony Computer Entertainment and Sony Network Entertainment”
Source: US PS Blog
TURRICAN-808
I just checked the same story being reported on IGN.com. Users/bloggers on that site are more worried if their trophies have been hacked, lol
gideon1451
Priorities, in’it.
deezoned
Regarding trophies, check the Sony FAQ … some may be lost …
http://faq.en.playstation.com/cgi-bin/scee_gb.cfg/php/enduser/std_adp.php?locale=en_GB&p_faqid=4949
E8_BALL_
i may get a platinum yet.
deezoned
Sony still has some fundamental explaining to do:
How could it be possible to retrieve all that data in clear text?! Surely personal information and especially credit card information is legally required to be stored in an encrypted form! This only suggest that the hack was deeper than ever imagined since they must have been able to enter the decryption servers/systems as well?
Sad day indeed for our beloved PlayStation…
m61726b
My thoughts too. If I access my details via my own PS3 I needed to enter my password and even then the middle 8 number were replaced with ‘x’. It either wasn’t encrypted or if it was then the idiots at Sony probably used the infamous Root Key and the key.
PriceKitty
Edit: This comment is completely unacceptable. A snapshot of it has been taken and will be sent to Cb so he can decide the appropriate course of action – Dan
skibadee
are you for real.
m61726b
WTF! No need for that non-sense
AG2297
This has absolutely nothing to do with Japan.
Your comment is absolutely despicable.
The Lone Steven
Get out.There is no need for a comment like this.
nofi
Oh hai.
cc_star
If there was a list of the worst comments ever, it would contain only yours.
icuyesido
You are a truly horrible person.
nemesisND1derboy
He speaks the truth…NOT.
Mentally deficient, anyone?
Shall we leave this one to you, Peter? Perma would be nice.
Ryan1991
If I could get away with the things I want to say I would. But I can’t so I will simply say, moron.
BrendanCalls
Your not worthy of abuse…just pity
Jas-n
Ahahahahahahahahahahahaha
Jas-n
Wait a minute who circumcised my comment?
icuyesido
lol
mynameisblair
Why is this still here? It’s making my eyes hurt.
Awayze
WTF, gtfo you racist troll!
Who says it was a Japanese person?
BIGAL-1992
Idiot. Of all the comments I’ve ever heard on this site, this is the most ignorant of the lot. And that is quite a feat.
paxpacis
can you please delete the comments also next time, I now really want to know what was written here..
DrNate86
It was your standard, ignorant racist gibberish. Nothing special, though thankfully rare on TSA.
gideon1451
Haha, me too. I’m intrigued. Sounds truly awful though D:
BIGAL-1992
It was a xenophobic comment against the japanese. That’s all I’m prepared to say.
nemesisND1derboy
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANNNNNNNNNNNNNNNNNNNNNNNNNNNDDDDDDDDDDDDDDDDDDDD he’s outta here!
BIGAL-1992
Saiyonara! (I know I’ve probably botched it)
skibadee
card cancelled will do a credit check tomorrow.
Lyts1985
To be fair, a determined talented hacker is going to be very difficult to stop no matter who you are… And maybe Sony could have done a better job encrypting our details, maybe they did all they could, we’ll never know. But the biggest issue I have with SCE is that this somewhat pertinent information wasn’t brought to our attention sooner. These people have had over a week to do as they please with our details while Sony have us believe PSN is undergoing maintenance that may/may not be a result of intrusion…
Thankfully my PSN email account and password are completely different to those used everywhere else – Just a shame I can’t say the same about everything else they may well have access to.
On top of the fact I may very well now be the owner of a Bugatti Veyron I will never get to drive, the missus will never let this go…
I do honestly think though that Sony’s advice is worth heeding… Stay vigilant, and no need to panic just yet guys :-)
a inferior race
This is the worst part. That Sony have decided to not tell me that my personal details may have been stolen until a week after the incident.
Ryan1991
A lot has been said on Twitter and a lot of people are saying that Sony may not have been able to say anything semi-concrete until the damage report was given to Sony.
a inferior race
I can appreciate that they are company and if they said something of this nature occurred incorrectly, then that would have made a fine mess. However, a week is still a long time for something like this to go on without receiving concrete information.
Snebjnr
Oh shit. Looks like am changin all info when its back online again.
sully1311
Was just second news headline on BBC News Channel.
deezoned
Anyone experienced CC fraud which could be related to this? If information was obtained a week ago, some CC’s could have already been used?
DrNate86
I just don’t understand why Sony have taken so long to issue a warning. It’s not like they even know the whole story now, they are still unclear as to whether our details have actually been stolen or not. I would have rather heard their vague warning a week ago when they first suspected it.
david
People are over reacting. We as CC holders are all protected by default any way from online cc fraud. Also, taken from another forum
**********************************************
i think people are over exaggerating on this.
They can’t use the credit card in any other means besides PSN.Digits don’t show up even if the user wants to check on his/her information.
But they could add credits from ones credit card to the PSN.That’s as far as they could go
Check your e-mails,as long as you didn’t get the automated purchase confirmation message recently (given a purchase on the PSN that you don’t remember being made by you)you’re safe.
******************************************
cc_star
errrm say hello to spending months sorting out any dodgy transactions, also card fraud’s friend – ID fraud would like to say hi… that shit can take years to sort out, leaving you in financial paralysis in the mean-time
david
I completely disagree. I’ve been victim before of CC fraud in the UK and it was sorted in a matter of days with full reimbursement from the bank.
I don’t know what your on about unless you’ve experienced that.
m61726b
ID fraud. Get your details, open a bank account in your name then maybe a car and phone or even a mortgage.
The checks in place for handling credit in this country are worse than Sony’s security.
m61726b
Debit card holders like me aren’t protected, if there is money they can take it. And, it’s not an over reaction for fraudsters to have your personal details. TBH I think people are being too passive, Sony have screwed up big time.
nofi
I agree.
nemesisND1derboy
Totally agree.
paxpacis
The check for transaction/purchase mail is useless, they will add your CC info to their accounts with their email (or non existing email) so I do not think you are save if you do not receive any purchase mail…