An "unauthorised person" has stolen the personal information of more than 70 million users of Sony's PlayStation Network, the company has admitted.
The breach occurred on 19 April, more than a week ago, when Sony shut down its PSN and Qriocity online services, but the company has waited until now to warn its users that their data had been compromised.
The company said the following type of information was taken: "name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained."
The major concern is financial data, however. "While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility," Sony warned. "If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained."
Security experts speculated it was likely this was a criminal operation, rather than a lone hacker. Credit card details can be easily sold -- for around $3 each -- while email addresses and passwords are sold on to be harvested for scams.
A CNET UK reader who contacted us said his Gmail had been hacked last night and used to send out links. The reader, who does not want to be named, says his PSN account was registered using the Gmail address and used the same password for both, which he admitted was unwise. This could be a coincidence, but it's the kind of caper you should be wary of.
What you should do
Change your PSN and/or Qriocity passwords as soon as the service is back up and running, even if you rarely use them. If you use a similar password for other services, alter those immediately. If your PSN security answers were common to other services you use, contact those services and change your answers -- especially with your bank account.
"For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information," Sony advised.
PSN being out for more than a week has angered fans of the service, which has been constantly compared with Microsoft's Xbox Live since the two launched. "Hey PSN. I am hanging in there," user link1983 commented. "I am going to admit it is getting tough. I am taking abuse daily from people who own 360s. I am not going to defect, ever. I just hope this thing is resolved soon."
He could be hanging tough a while longer. "We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week," promised Sony. "We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable."
Are you a disgruntled PS3 owner? Or a happy Xbox fan? Feel free to vent or be insufferably smug in the comments below.
Android App 
RSS Feeds 
iPhone App 
Newsletters 
Comments 41
Add your comment
Anonymous 27 April, 2011 10:42
Uh-oh.
Anonymous 27 April, 2011 10:46
They must have known this was going to happen after giving Geohotz so much grief
Anonymous 27 April, 2011 10:55
Unlucky PSN, sucks to be you! XBOX4LIFE!
Anonymous 27 April, 2011 10:59
Well i know alot of people who are going to move over to XBOX- well done sony you f***ed It.
Anonymous 27 April, 2011 11:00
Muahaha. Serves ps3 owners right for buying the wrong console doesnt it!!!
Anonymous 27 April, 2011 11:05
I use both and it's just very annoying to not be able to play back ops for the 4 day weekend I don't think I'll be buying any more ps3 games it is now a expensive blu ray player
Anonymous 27 April, 2011 11:05
Things like this are inevitable. There is always some one who wants a challange and this invation was their victory, it has shut down psn for over a week now and they could have millions of peoples personal details. It will make them a fortune! I ask tho why was it that they was able to do this, shouldnt have sony had these 'outside' security genius' on board from an earlier point??? the trouble is that there will always be some idiot looking to ruin it for everyone else, at least sony are being proactive about fixing it. I love my ps3 and will never defect to the 360- FACT! Briggos.
Anonymous 27 April, 2011 11:06
allways liked the play station better than x box till now wish i wood have got 1 and so bord
Anonymous 27 April, 2011 11:07
Urm.....no i will not change my ANY of my passwords, if i get hacked in anyway, ill be contacting a lawyer.
Anonymous 27 April, 2011 11:19
PS3 lets you swear at other gamers and give abuse during gameplay without fear of somebody reporting you to the network... PS3's a badboys toy... and you dont need to pay for network access... I will never own a red light repair prone XBOX
Anonymous 27 April, 2011 11:20
WHAT it seems that sony guys dont want to admit that they ...................
anyway changing passwords is good but we cant change our name address and date of birth which the hackers can do alot with these so psn users dont be shocked if one day police asked you to come to police station for any kinds of crimes !!!!!!!!!!!!!!!!!!
and i do not want to change my email addresss!!!!!!!!!!!!!!!!!!!!!!
i think we all deserve a proper compensation
Anonymous 27 April, 2011 11:23
PS3 should really compensate us for this
James Pitts 27 April, 2011 12:11
people are saying ps3 is the wrong console.....how, seriously.........thats like saying you brought a lamborghini and it broke down told you, you should of got a metro
ps3 is the better console. end of. unlike xbox sony will pull the plug knowing the risks, microsoft will just warn people and let the s*** carry on.
ive had ps3 since it come out and only replaced to get a bigger hdd in it, but my cousin still has my original one, still working perfect, in that time ive had 5 xbox360's, all with hardware problems so ive given up on spending money on something which is clearly poorly put together.
just cause this has happened it gives xbox owners 1up on ps3 owners.....but in the long run, ps3 owners win as they dont have to go out and buy a new one :)
Anonymous 27 April, 2011 12:15
Omg people's bank accounts could be at risk? Glad I don't have a PS3 then. LOL at the idiots saying PSN users deserve this for "getting the wrong console". Console owners generally aren't adults so it will be their parents most likely being affected by this, so shut up.
anonymous 27 April, 2011 12:26
When a company like sony ask for your details you expect the details to be better protected. This is completely unacceptable.
anonymous 27 April, 2011 12:27
Can we please stop the tit-for-tat on xbox vs ps3, it solves nothing.
James Hogg 27 April, 2011 12:31
I think slot of the comments here are quite juvenile. I agree something like this is always bound to happen. You could have the tightest security and still people will find a way. I we all wanted we could rob a bank or mug people. We don't because of the consequences. As easy as it sounds the people who do this are very skilled, very lonely, but very skilled. They dedicate their lives to hacking. The downside is that yes as a PSN user I don't want my details to be used in a way to commit crime or fraud. The thing is if someone does use your details they can be easily traced and banks, and insurers do pay up. There are support groups for this. A lot of you are blaming Sony for this. It's easy to say that after the problem occurs. It's like blaming the victim of a mugging for being mugged. Unfortunately this is now a way of life these days. It was that Sony became a target, because of the lawsuit, but you couldn't have predicted this.
anonymous 27 April, 2011 13:07
I'm sorry I own both an x-box & ps3, I won't trust the ps3 again. As far as I'm concerned it's now a DVD player with a hard drive. Cheers Sony. This isn't a xbox vs sony thing people, these are our personal details they allowed to be released.
BTW in case my details get stolen & I get defraded as a result, please provide your claims department details. You'll be getting the bill.
JPRobbo 27 April, 2011 13:41
I'm glad that I own an Xbox 360. Then, I can play Call of the Dead on Black Ops' Escalation DLC on May 3rd, while PS users will have no money, no DLC and very little faith in Sony.
Anonymous 27 April, 2011 14:04
Sony should of had these security enhancements put in place and constantly updated. If credit card information has been jeopardized, Sony should be liable for this, as a company this size should have invested in enhanced security. Small online retailers have better security than Sony (Fact!!!) They were asking for this to happen. I have lost faith in Sony and I'm not sure how there going to get that trust back after this. They basically saw that are details and credit card information was not worth the added security, Thanks Sony, I'm glad to see what the customer really means to you.
jagman9310 27 April, 2011 15:02
Anonymous 27 April, 2011 11:19,
You may believe that 360s break all the time, but the fact is this: I have owned one since 2006 and nothing has ever gone wrong with it. And, I won't be paying bills for someone elses fridge freezers, but I will be enjoying some nice relaxing zombie-killing.
Dean Shepherd 27 April, 2011 15:22
I love how people get so bent outta shape like this.
Sony most likely HAD enhanced security...I mean given how much money they make every quarter it was seem silly not to. Like the article mentioned it was not some 'lone' hacker working out of his mum's basement to PROVE he could do it, it was most likely a criminal operation with INTENT to steal information. To be fair, with MOST system regardless of the 'great' Sony or even Apple, if someone has the means to and finds the loop hole in the fence, someone will exploit that for finacial gain.
And to those people saying "Sony should compensate us"....umm...no..no they shouldn't, if most people ever bothered to read T/C nowadays there are always fine print clauses saying that while they are responsible, if there was a deliberate attack made, rather than a screw up...then they dont have to compensate. The fact that most companies DO is just testament to their quality of service.
And I wont be jumping on the Xbox/PS3 bitching bandwagon here....my fiancée owns a PS3 and I like it, have played it...prefer Xbox only because of the controller and it just is more console like in my eyes...as in "Sit down and play quick" kinda thing...but thats choice...how this is REALLY going to affect and make LOTS of people jump from sony to microsoft is beyond me...I mean didnt Google just a few months ago lose alot of accounts and details? hmmm....did it affect them greatly with people jumping email accounts? doubt it...
come on people...get a grip...oh and the one above that said its parents most likely paying....good show :P
Anonymous 27 April, 2011 16:13
@Dean
Their T&Cs regarding deliberate attacks - if they're found to have been negligent with regards to keeping data secure, nothing in their T&Cs will protect them
Anonymous 27 April, 2011 16:16
Dean Shepard,
They Had enhanced security? The security used by the company is outdated, It may well have been secure 6 years ago when the ps3 came out but not anymore. Of course they make big profits, especially from ps3, surely some of that money could have been invested into improving the security.
In terms of compensation you are somewhat right, however, a major issue you are forgetting is the legal aspect of data protection that can over rule the this if it believes that a company has not took every step possible to enhance and protect information held about a consumer.
If you are naive to believe that consumers and users of the ps3 are going to just forget about this issue and suddenly come down with a case of amnesia, you are sadly mistaken.
Naryan 27 April, 2011 16:37
"I know a lot of people who are going to move over to XBOX" What an idiot you are. No one is going to "move to XBOX" because of this.
Bearne 27 April, 2011 16:40
If anyone doesn't want there PS3 any-more, ill gladly take it off your hands :) lol
anonymous 27 April, 2011 16:44
"Urm.....no i will not change my ANY of my passwords, if i get hacked in anyway, ill be contacting a lawyer."
no you'll be thrown out of court, sony told you to change your passwords and you didn't. your an idiot.
to be honest, i think sony have just been unlucky here, it could of happend to any large company and i fully surport sony in there efforts
Anonymous 27 April, 2011 17:26
Come on Sony, get that PSN back up and running.
As an owner of both PS3 and 360, I have to say XBox live is a rip off. Both offer comparable services but one is free so PSN is a clear winner.
Dean Shepherd 27 April, 2011 18:30
@ Anonymous 27 April, 2011 16:13
that is very true, but I think you find that if this was a direct criminal attack ,then negligence might not be the case here..but we wont ever know the full story really...like the vodafone 'break in' a couple months back really...
@ Anonymous 27 April, 2011 16:16
first its ShepHERD not ARD :P thank you...
and you are right to say that if it was taken to court and it was shown that Sony had loopholes that they knew about in their security and failed to act upon them then, yes you are correct court action and compensation can apply and would stay alot longer in court without possibly being thrown out.
to your point on the security...do you REALLY believe a big corporation like Sony would keep an antiquated security system? ok it might not be the best (as this proves) but the PS3 has had numerous downloaded updates for security plugs, as well as their own servers and backup servers having more improved security....im not saying its perfect and im not sticking up for them...im just trying to highlight that if their system was SO far out of date like you said, then well...someone would of already broken it hard by now and done this already...I mean it doesnt take hackers 6 years to break it with the way the software world moves nowadays..
and was you saying I was being naive to think people would forget? cos frankly I never said that....I just said this isnt going to be AS big a thing as some people are making out...that was in reference to people 'jumping' ship to Xbox...I mean by all means no one in their right mind should forget this...and some will obviously cut the connection between ps3 and the net now for fears...but to jump to another console? thats just plainly stupid...I mean come on..its like these people (the jumping ship ones) are ONLY using a console just for online use? I mean you can get the updates downloaded onto PC and just copy them across...so thats not the issue...
I mean one commenter above is pissed because he cant play black ops online...like the world is ending cos you cant play online?? come on....damn I still play consoles either WITH real people in the room or single player and their still bloody fun for what they are...
thats all I was getting at anon...
Anonymous 27 April, 2011 18:33
Ah well its times like these i'm happy i faked my date of birth and postage settings. As for the credit card details, ill have to say im quite f***ed -_- can i sue playstation?
Anonymous 27 April, 2011 19:24
Dean Shepherd, not Ard :) apologies....
In relation to security, we could debate this until the cows come home.....However, whether or not the company has made enough "updates" in security is a matter of opinion. It could well be in Sony's viewpoint they have done enough to secure its network, but by the look of this current issue, it may not seem so. I suppose in hindsight they should have made these so called security enhancements that they are making now previously to prevent this from happen. Although there network was infiltrated not soo long ago which begs the question why are these soo called security enhancements being made now when they could have been made after the "anonymous" incident?
Yes that's correct but you did say for people to get a grip. It's just i assumed you meant this in relation to people over reacting to the seriousness of the current situation with the theft of confidential information which people are rightly so to be annoyed with. However, I apologize for misinterpreting this and i am in complete agreement that for an individual to jump ship to xbox from ps3 is a bit drastic. This whole xbox vs ps3 is pointless and im not sure why there is soo much debate about it, whichever you prefer buy it, play it, end of story.....
Anonymous 27 April, 2011 19:47
They'll be tried for potentially breaching the Data Protection Act. This whole thing has been a farce, and judging from how Sony didn't let people know sooner, so was there reaction.
Maybe the crims have the details but can't actually access them because they're encrypted themselves? Like copying an encrypted file to your home computer and then not being able to do much with it. Seems like false hope - if they have the know-how to cripple the PSN for a week and make off with 77m users' deets, they probably have the know-how to decrypt them.
Sony's dropped the ball this gen, IMO. Now this too... lucky L.A. Noire is coming out otherwise I wouldn't even be playing my PS3! Although GT5 rocks ass.
Anonymous 27 April, 2011 21:27
WHO? Wants to have to probobly go THREW HELL changing everything like passwords and secret questions for everything WTF !! FFS Im pissed we shouldnt have to do this i swear to god someone plsssss SUE SONY!!!
Anonymous 27 April, 2011 21:29
I say everyone should sue sony i dont care about psn anymore. God help anyone who gets hacked...F*ck sony!!!!!!
Anonymous 27 April, 2011 21:33
All of you guys are sad losers lol prob ob*se haha get a life f*gs swap to xbox it is waaaaaaaaaaaay better than psh*t hahaha fat f*s
- Phil Burnell
- darksydephil@hotmail.com send me your thoughts fatties - darksydephil@hotmail.com
Dean Shepherd 27 April, 2011 21:49
@ Anonymous 27 April, 2011 19:24
I agree totally with that...
oh...you did highlight that the incident was "anonymous" hmmmm....your anonymous.....so is alot of others here posting...hmmmmm
*strokes chin pondering*
:P
Anonymous 27 April, 2011 22:44
Indeed Dean Shepherd..... :)
Anonymous 28 April, 2011 16:04
OMG this lame PS3 is better than X box is so lame it's like Atari Vs Amiga back in the eighties...FFS grow up people. Oh and mmm sony got hacked big deal.. MIcrosoft have to patch up their operating systems everymmonth because of exploits and it's taken someone a lot longer to hack Sont over Microsoft so I can see who I'm sticking with.
Anonymous 28 April, 2011 19:46
I agree with those who say there is lots of hogwash written here about the breakdown.
The guys (and it is likely to be guys, not gals) who say they are bored or who have nothing else to do should remember the gadget is just a gadget.
They should get a life and maybe a book.
Anonymous 28 April, 2011 20:20
this may happen to mircosoft next with xbox live if they can do it sony they can do it to mircosoft
Anonymous 2 May, 2011 15:07
ps3 just pissed off 4Chan, its rummered that 4Chan hacked the PS3 network