Sony says data was stolen, but hedges on credit card theft
Just posted to the PS Blog: the most info yet about the week-long attack/maintenance on PlayStation Network.
Sony says “an unauthorized person” (note the singular) has obtained the personal information associated with PSN accounts: name, address (city, state, zip), country, email, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. Then things get sketchy:
While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
I’m pretty sure the PS Store maintains your credit card data, because you do not have to enter it in every time like you do if you buy points on the Wii’s Shop Channel. So does THAT data go to a more secure location than my birthday? Or has that data only been obtained if you checked “save this CC number” waaaay back when you used the PS Store for the first time?
I’d like to see that cleared up. In the meantime, Sony is right to suggest that all PSN users monitor their credit card statements.Tags: outage, playstation3, PS3, psn, Sony