PlayStation Network Hack Leaves Credit Card Info at Risk

[security curmudgeon <jericho () attrition org>]

http://www.wired.com/gamelife/2011/04/playstation-network-hacked/

PlayStation Network Hack Leaves Credit Card Info at Risk
By Jason Schreier Email Author
April 26, 2011

Sony thinks an "unauthorized person" now has access to all PlayStation 
Network account information and passwords, and may have obtained users. 
credit card numbers.

The PlayStation maker said it believes hackers now have access to 
customers. vital information, including names, birthdates, physical and 
e-mail addresses, and PlayStation Network/Qriocity passwords, logins, 
handles and online IDs.

Credit card information, purchase histories and other profile data stored 
on the PlayStation Network servers also could be compromised, the Japanese 
company said in a lengthy blog post Tuesday afternoon.

"While there is no evidence at this time that credit card data was taken, 
we cannot rule out the possibility," reads the post, which Sony says it 
will e-mail to all PlayStation Network account holders, as well as users 
of its Qriocity streaming-media service. "If you have provided your credit 
card data through PlayStation Network or Qriocity, out of an abundance of 
caution we are advising you that your credit card number (excluding 
security code) and expiration date may have been obtained."

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/