After a week of PlayStation Network being down, PS3 fans wandering around in a multiplayer-less daze, and a very marked lack of explanation on the entire matter from Sony itself, it seems the other shoe has finally dropped.
And unfortunately, it failed to land in the place where non-bad shoes do.
Breaking their week-long silence, Senior Director of Corporate Communications, Patrick Seybold, took to the Official PlayStation Blog and finally explained what had been going on during the last week.
We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:
- Temporarily turned off PlayStation Network and Qriocity services;
- Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
- Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.
Seybold continues, outlining the potential extent of the user account compromise:
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
Yes, you read that correctly. While it is not certain, your credit card information may have been obtained during the hack.
And they waited a week to tell the world about it.
Amazing job, Sony.
Seybold goes on to further outline steps that PlayStation Network members can take to have their credit accounts flagged for potential fraud and claims that with their team working nonstop, that they “expect to restore some services within a week.”
Still, regardless of what your opinion on Sony may be, it goes without saying that waiting this long to inform consumers was a blunder of epic proportions; one they may be hard-pressed to recover from anytime soon.
What about all of you? Have you already called to cancel your credit card or changed your passwords? Let us know your thoughts in the comments below.
[Via: PlayStation Blog]