Tuesday, April 26, 2011

Security Update for Villains

Sony: Personal info compromised on PSN



Sony acknowledged today that the personal information of its PlayStation Network customers has been compromised.
The company posted an update on its blog today warning its more than 70 million customers that their personal information, including customer names, addresses, e-mail addresses, birthdays, PlayStation Network and Qriocity passwords, and user names, as well as online user handles, was obtained illegally by an "unauthorized person." The data was accessed between April 17 and April 19, according to Sony.
With respect to credit card information, which many users have given to Sony in order to purchase or rent content via the service, Sony is less sure of what transpired.
"While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility," a company spokesman wrote today. "If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained."
And as a result, Sony has temporarily turned off PlayStation Network and Qriocity, its subscription music service, contracted with an outside security firm to investigate the intrusion on its network, and started to rebuild its system and security.
It took Sony five days to level with its customers about the consequences of what knocked its service offline. Midway through last week users noticed error messages when trying to sign into the service. While the company initially acknowledged the service was inaccessible on Friday, it offered no explanation of why and said PSN would be back up and running in a "day or two."
Yesterday Sony acknowledged an "external intrusion" on its network and said it was in the process of rebuilding PSN. It never hinted that personal data was compromised, and it's unclear why the company took so long to say so.
The company says it is currently in the process of e-mailing all of its customers about the intrusion.
At 70 million records exposed, the Sony breach could be one of the largest. The DataLossDB.org site lists four breaches larger than that, with the Heartland breach in 2009, which exposed about 130 million records, at the top, followed by the TJ Maxx breach at 94 million records in 2007.
In the meantime, Sony says it "has a clear path" to bring PSN and Qriocity back online "within a week."
This post was updated at 2:35 pm PT with additional context.
CNET's Elinor Mills contributed to this story.

Erica Ogg is a CNET News reporter who covers Apple, HP, Dell, and other PC makers, as well as the consumer electronics industry. She's also one of the hosts of CNET News' Daily Podcast. In her non-work life, she's a history geek, a loyal Dodgers fan, and a mac-and-cheese connoisseur.
