 |
| Playstation network error message / techrunch image |
Yesterday Sony revealed that some 77 million members of its Playstation Network had their personal information harvested by hackers, including name, address, and possibly credit card numbers in a massive security breach. Sony pulled down PSN as soon as it detected the breach, (we’ve been following the story since it first began last week), and it’s now regularly sharing more details to provide clarity to the situation.
This evening Sony posted a lengthy Q&A discussing the security measures it had taken to keep user data in the first place. Among the answers:
- Sony says that it’s working with law enforcement and views this as a criminal act.
- Personal data (name, address, etc) was not encrypted, but credit card information was — though Sony can’t rule out that it was accessed.
- Credit card security codes (the three digit numbers on the back of the card) were not stored, so they weren’t compromised
- Sony suggests looking at your email confirmations for past transactions to determine which credit card you had connected to the account.
Sony also clarified that while it detected the breach on April 19, it didn’t know the scope of the data that was harvested until April 25, the day before its announcement (Sony has come under lots of fire for apparently waiting a long time to disclose the information). However, Sony’s defense isn’t that solid — if it even thought there was a possibility credit cards might have been taken, it seems like it should have given users fair warning.
Techcrunch
No comments:
Post a Comment