Sony thinks an “unauthorized person” now has access to all
PlayStation Network account information and passwords, and may have
obtained the credit card numbers of the service’s 70 million users.
The PlayStation maker said it believes hackers now have access to customers’ vital information,
including names, birthdates, physical and e-mail addresses, and
PlayStation Network/Qriocity passwords, logins, handles and online IDs.
Credit card information, purchase histories and other profile data
stored on the PlayStation Network servers also could be compromised, the
Japanese company said in a lengthy blog post Tuesday afternoon.
“While there is no evidence at this time that credit card data was
taken, we cannot rule out the possibility,” reads the post, which Sony
says it will e-mail to all PlayStation Network account holders, as well
as users of its Qriocity streaming-media service. “If you have provided your credit card data
through PlayStation Network or Qriocity, out of an abundance of caution
we are advising you that your credit card number (excluding security
code) and expiration date may have been obtained.”
The PlayStation Network, which provides online gameplay and digital
game shopping for owners of PlayStation 3 and PSP devices, has been down since Wednesday,
following what Sony called an “illegal intrusion” on its servers. The
company says it expects to restore “some services” within a week’s time.
Sony said it has temporarily shut down the PlayStation Network and
Qriocity services and hired an outside security firm “to conduct a full
and complete investigation into what happened,” but refused to offer
details on the hack.
When the services go back online, Sony suggests users change their
passwords. But until then, the company warned about phishing scams.