PlayStation.Blog
PS4 - Batman Arkham Knight

Update on PlayStation Network and Qriocity

Patrick Seybold's Avatar + Posted by Patrick Seybold on Apr 26, 2011 // Sr. Director, Corporate Communications & Social Media

Thank you for your patience while we work to resolve the current outage of PlayStation Network & Qriocity services. We are currently working to send a similar message to the one below via email to all of our registered account holders regarding a compromise of personal information as a result of an illegal intrusion on our systems. These malicious actions have also had an impact on your ability to enjoy the services provided by PlayStation Network and Qriocity including online gaming and online access to music, movies, sports and TV shows. We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week.

We’re working day and night to ensure it is done as quickly as possible. We appreciate your patience and feedback.

Valued PlayStation Network/Qriocity Customer:
We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:

  1. Temporarily turned off PlayStation Network and Qriocity services;
  2. Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
  3. Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:

U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.

We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.

Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions.

Sincerely,
Sony Computer Entertainment and Sony Network Entertainment

The same information can be found at the following websites:

http://us.playstation.com/news/consumeralerts/#non-us

For those that live the United States, but not Massachusetts or Puerto Rico:
http://us.playstation.com/news/consumeralerts/#us

If you live in Massachusetts:
http://us.playstation.com/news/consumeralerts/#mass

If you live in Puerto Rico
http://us.playstation.com/news/consumeralerts/#pr

//Add Your Own

521 Comments

PAGE 1 2 3 11

1

+ RomuloVitoi on April 26th, 2011 at 12:53 pm said:

Hope it come back quickly


2

+ Ejsponge61 on April 26th, 2011 at 12:54 pm said:

Wow, this is alot of info. Thanks, this is very much appreciated by all of us PlayStation fans.


3

+ GGDBoy on April 26th, 2011 at 12:54 pm said:

Thanks for the update Sony. Hopefully no creditcard info was stolen as well.


4

+ rafael_martines on April 26th, 2011 at 12:54 pm said:

Finally more explanation and a light in the end of the tunnel! Please SONY fix it! Forever!


5

+ TorgoTime on April 26th, 2011 at 12:55 pm said:

WHAT!!! PSN IS DOWN!!!!! IS THIS BREAKING NEWS!!?!?!


6

+ tacotaskforce on April 26th, 2011 at 12:55 pm said:

You waited a WEEK to tell us our persona information was compromised ? That should have been said last Thursday.


7

+ Sophronia on April 26th, 2011 at 12:55 pm said:

Thanks for the update.


8

+ Ar4chNova89 on April 26th, 2011 at 12:56 pm said:

Looks like my 131 Steam games will come in handy.


9

+ Ouren on April 26th, 2011 at 12:57 pm said:

“we believe that an unauthorized person”

One person. :S


10

+ rodrom on April 26th, 2011 at 12:57 pm said:

Holy balls


11

+ Vallanthaz on April 26th, 2011 at 12:57 pm said:

LOL Gears 3.


12

+ EatDeath on April 26th, 2011 at 12:57 pm said:

Thankfully no evidence at this time that credit card data was taken.


13

+ sid4peeps on April 26th, 2011 at 12:58 pm said:

YAWN…

This update is about 6 days LATE. I think it is time to move to the other network, no regard for customers here.

Toodles Sony.


14

+ OreoPoptart on April 26th, 2011 at 12:58 pm said:

JUST STOP! FIX THE GOD DAMN PSN FIRST THEN POST THIS CRAP UP GEEZ


15

+ sid4peeps on April 26th, 2011 at 1:00 pm said:

Hello?

Did you not all just read this?!?!?!

75Million+ accounts of personal information/credit card information has been compromised or stolen!
This is a record amount of information theft. What a LETDOWN.


16

+ jonabbey on April 26th, 2011 at 1:01 pm said:

It’s rather incredible that this is the first meaningful communication you have given us. Many of us who are savvy enough to be reading your blog are technical enough to be running our own Internet services, and you really can’t go wrong by over-communicating, here.

I hope you will be telling us more about how this happened.


17

+ Korbei83 on April 26th, 2011 at 1:01 pm said:

If you have compromised my credit information, you will never receive it again.

The fact that you’ve waited this long to divulge this information to your customers is deplorable. Shame on you.

Excuse me while I go change my password.. oh wait. I can’t.


18

+ ToxicStatistic on April 26th, 2011 at 1:01 pm said:

Don’t let the door hit your ass on the way out, 14 :)

It states that Sony needed to work with other firms to figure out what happened. All that info was not known 6 days ago.


19

+ lcmnick on April 26th, 2011 at 1:02 pm said:

Jesus H.


20

+ Lopez9577 on April 26th, 2011 at 1:02 pm said:

FUDGE!!! this they have my NAME, CITY, STATE, AND ADDRESSS, Sorry sony but you EFFED up BIG TIME man if someone steals my identity I will sue you to the MAX!!!!! believe me I am now deleting/deactivating all my accounts selling this crap of a system and buying an xbox360. seriously i was going to stick with you but if all my info has gotten out there that is pathetic man


21

+ cronqvist on April 26th, 2011 at 1:02 pm said:

Well, that blows. I hope they find whoever got into the PSN and make that person pay. With tears. Of blood.

Or just to the legal extent to which the crime is punishable. That should work.


22

+ Tgebbs on April 26th, 2011 at 1:03 pm said:

What about our trophies? Are they safe?


23

+ Xandure on April 26th, 2011 at 1:03 pm said:

Well at least they’re coming forward with more information. The good news is they caught it early on and ceased all PSN Activity, protecting us in case some one was able to retrieve personal information.

I receive e-mails alerts from my bank whenever a transaction takes place on my debit card, so if there are any fraudulent mishaps, I will know immediately. I highly suggest everyone get this option set up either through your credit card company or your bank of choice.

I would like to make one request though, since you are trying to restore services, why not just bring back online play and just disable the PlayStation Store until further notice. This way we can still log in using our PS3′s and change any information necessary, such as passwords, and or credit card information.


24

+ Battlepope190 on April 26th, 2011 at 1:03 pm said:

Good to see an in-depth answer to what’s going on.


25

+ EatDeath on April 26th, 2011 at 1:03 pm said:

Really, how can some of you all react this way, a person going for information isnt going to make it so blatantly clear of what they took, just think of the other information scandals where to this day it is unknown what information they ran off with…Employing a security firm even seems to indicate that it took a lot of work to just find out what happened, certainly nothing known on the eve of last Tuesday…


26

+ ZERO_169 on April 26th, 2011 at 1:03 pm said:

Finally another update!!!!!!


27

+ VisionaryLight on April 26th, 2011 at 1:03 pm said:

You really should have told us this last week. This is completely unacceptable.


28

+ exterminator_123 on April 26th, 2011 at 1:03 pm said:

YOU SEE WE GONNA HAVE TO CREATE NEW ACCOUNT


29

+ sid4peeps on April 26th, 2011 at 1:04 pm said:

Also, in another Email, Sony states that there will be NO COMPENSATION to PlaystationPlus subscribers what-so-ever!!!


30

+ hanyPS on April 26th, 2011 at 1:05 pm said:

hope it comes back better than before


31

+ dushku on April 26th, 2011 at 1:05 pm said:

Thanks for the update.
Hope you fix everythig)


32

+ sid4peeps on April 26th, 2011 at 1:05 pm said:

Anyone know of a place in Canada that is offering a good trade in for PS3 to Xbox360? Serious.


33

+ tonydamiani on April 26th, 2011 at 1:06 pm said:

OMG O_o wow


34

+ jonabbey on April 26th, 2011 at 1:06 pm said:

On that topic.. when you say that our password data may have been accessed, I hope you mean that our hashed, non-reversible password data may have been accessed.. right? You didn’t have our passwords in plaintext on your servers, did you?


35

+ xxnike629xx on April 26th, 2011 at 1:07 pm said:

Talk about a massive wall of text..

Dear PlayStation,

Thank you for finally posting something….but again a lot of nothing, but this time in the form of a massive wall of text.

Thank you for compromising our personal information & credit cards.

: sarcasm ::


36

+ megamixer on April 26th, 2011 at 1:07 pm said:

Reposting…

Its pretty sad that, throughout all of this PSN mumbo jumbo, we can still play many PS2 games online.

PSP/PS3 games? Nada.

Maybe this whole being connected 24/7 thing is a total dud (see: the utterly pointless WiiConnect).

@Patrick Seybold
Yikes. I hope my debit card is going to be safe. :| Now to think up a new PSN password for whenever the system gets back online.


37

+ Capshot18 on April 26th, 2011 at 1:07 pm said:

It’s nice to see that info about this has been given. I know that you couldn’t say much earlier, but I’m glad we finally know more. For those who had their credit card info tied to their accounts, I hope that those weren’t taken. Anyway, it’s nice to see that the end is in sight.


38

+ xxnike629xx on April 26th, 2011 at 1:07 pm said:

@jonabbey
We hope they encrypted all of our passwords instead of just having them out written in plain text.

>_>


39

+ VisionaryLight on April 26th, 2011 at 1:08 pm said:

What about people in Canada or the rest of the world?


40

+ tomstockmail on April 26th, 2011 at 1:08 pm said:

How long did the hacker have access

@21 / Lopez9477
Goodbye. Don’t come back.


41

+ xxnike629xx on April 26th, 2011 at 1:08 pm said:

It looks like it’s time for me to take off my credit card information from my PS3 and instead resort to buying PSN Cards from stores and online.


42

+ ssjmichael on April 26th, 2011 at 1:09 pm said:

Sony, why don’t you email all PS3/PSP owners? Not everyone reads the blog. You obviously have our email addresses since you spam us with Playstation store updates.

Your poor communication here will be remembered in the future


43

+ Blade133 on April 26th, 2011 at 1:09 pm said:

This… is not a good thing. Judging by the way things look right now, a lot of people won’t be buying the NGP since it relies so heavily on the PSN.


44

+ adolson on April 26th, 2011 at 1:09 pm said:

I should have known better than to trust Sony with my credit card info.


45

+ VixDiesel on April 26th, 2011 at 1:09 pm said:

You guys are seriously dropping the ball here. You wait a week to finally say something legitimate and it might be something that can ruin the lot of us financially. Good thing I took my CC info off my account years ago but that’s besides the point.

This is being handled ass backwards and we seriously deserve better.


46

+ sid4peeps on April 26th, 2011 at 1:10 pm said:

Gamestop has STOPPED accepting PS3s for trade-ins…?????? O_o


47

+ xxnike629xx on April 26th, 2011 at 1:10 pm said:

Hey Sony! How about you guys taking responsibility for all 75 million users instead of telling us to keep track of it all while you guys do absolutely nothing?

This is ridiculously lazy of you guys and very irresponsible.

I’m a bit worried that I’ve invested so much of my money & time into your products.


48

+ tazinlwfl on April 26th, 2011 at 1:11 pm said:

… dang
So… What’s the next step for us users? I don’t see any evidence that my bank info was stolen, but I’ll take those precautions to heart. But… What’s the fallout for this?

I love my PS3. I really like Sony and I support the developers 100%, but this really tests everyone’s patience. It really tests my patience.


49

+ Lopez9577 on April 26th, 2011 at 1:11 pm said:

If my identity is stolen im going to sue sony


50

+ xxnike629xx on April 26th, 2011 at 1:11 pm said:

@sid4peeps
If that’s true, maybe Sony plans on releasing a new PS3 model that is more difficult to hack and is compatible with this supposed new network Sony is doing.


PAGE 1 2 3 11
Comments are closed. We close the comments for posts after 30 days