April 27, 2011, 9:52 AM — Sony has admitted that account details, logins and online IDs for registered Sony PlayStation Network users, as many as 77 million people, have been compromised. The information was stolen sometime between April 17 and 19, according to a Sony blog post, as early as nine days before Sony notified its users of the breach. Even worse, the company says it can't be sure whether credit card information was stolen.
The admission came nearly a week after Sony pulled the plug on PSN and its Qriocity music service, blaming the outage on an "external intrusion" into Sony's network. Sony says that it is rebuilding the PSN and Qriocity server system with improved security. Both services are expected to be operational within the next week.
Sony has quite the security disaster on its hands, and the fact that it took the company almost 10 days to figure out and then admit that user data had been stolen is troubling to say the least. If you're a registered PSN user, the implications for you and your online information is quite serious. Here's what you need to know:
What the bad guys know about you
Sony said the following user information was compromised: your name, address (city, state, zip), country, e-mail address, birth date, PlayStation Network/Qriocity password and login, and handle/PSN online ID.
It's also possible, according to Sony, that hackers obtained your PSN purchase history, billing address (city, state, zip), and password security answers.
If that wasn't bad enough, it's also possible your credit card information was stolen, including your card number and expiration date. "While there is no evidence at this time that credit card data was taken," Sony said, "we cannot rule out the possibility." Your credit card's security code (typically a three-digit number on the back of your card) was not compromised, according to Sony.
Your kids' account is compromised, too
Sony also warns that if you have a sub-account for a minor attached to your PSN credentials, that account is probably toast as well.
What to do