Farpoint

Apr 26

Apr 26

Update on PlayStation Network and Qriocity

Patrick Seybold's Avatar Posted by Sr. Director, Corporate Communications & Social Media

Thank you for your patience while we work to resolve the current outage of PlayStation Network & Qriocity services. We are currently working to send a similar message to the one below via email to all of our registered account holders regarding a compromise of personal information as a result of an illegal intrusion on our systems. These malicious actions have also had an impact on your ability to enjoy the services provided by PlayStation Network and Qriocity including online gaming and online access to music, movies, sports and TV shows. We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week.

We’re working day and night to ensure it is done as quickly as possible. We appreciate your patience and feedback.

Valued PlayStation Network/Qriocity Customer:
We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:

  1. Temporarily turned off PlayStation Network and Qriocity services;
  2. Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
  3. Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:

U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.

We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.

Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions.

Sincerely,
Sony Computer Entertainment and Sony Network Entertainment

The same information can be found at the following websites:

http://us.playstation.com/news/consumeralerts/#non-us

For those that live the United States, but not Massachusetts or Puerto Rico:
http://us.playstation.com/news/consumeralerts/#us

If you live in Massachusetts:
http://us.playstation.com/news/consumeralerts/#mass

If you live in Puerto Rico
http://us.playstation.com/news/consumeralerts/#pr

Add Your Own

PAGE 1 2 3 11

RomuloVitoi said:

April 26th, 12:53 pm

Hope it come back quickly

Ejsponge61 said:

April 26th, 12:54 pm

Wow, this is alot of info. Thanks, this is very much appreciated by all of us PlayStation fans.

GGDBoy said:

April 26th, 12:54 pm

Thanks for the update Sony. Hopefully no creditcard info was stolen as well.

rafael_martines said:

April 26th, 12:54 pm

Finally more explanation and a light in the end of the tunnel! Please SONY fix it! Forever!

TorgoTime said:

April 26th, 12:55 pm

WHAT!!! PSN IS DOWN!!!!! IS THIS BREAKING NEWS!!?!?!

tacotaskforce said:

April 26th, 12:55 pm

You waited a WEEK to tell us our persona information was compromised ? That should have been said last Thursday.

Sophronia said:

April 26th, 12:55 pm

Thanks for the update.

Ar4chNova89 said:

April 26th, 12:56 pm

Looks like my 131 Steam games will come in handy.

Ouren said:

April 26th, 12:57 pm

“we believe that an unauthorized person”

One person. :S

rodrom said:

April 26th, 12:57 pm

Holy balls

Vallanthaz said:

April 26th, 12:57 pm

LOL Gears 3.

EatDeath said:

April 26th, 12:57 pm

Thankfully no evidence at this time that credit card data was taken.

sid4peeps said:

April 26th, 12:58 pm

YAWN…

This update is about 6 days LATE. I think it is time to move to the other network, no regard for customers here.

Toodles Sony.

OreoPoptart said:

April 26th, 12:58 pm

JUST STOP! FIX THE GOD DAMN PSN FIRST THEN POST THIS CRAP UP GEEZ

sid4peeps said:

April 26th, 1:00 pm

Hello?

Did you not all just read this?!?!?!

75Million+ accounts of personal information/credit card information has been compromised or stolen!
This is a record amount of information theft. What a LETDOWN.

jonabbey said:

April 26th, 1:01 pm

It’s rather incredible that this is the first meaningful communication you have given us. Many of us who are savvy enough to be reading your blog are technical enough to be running our own Internet services, and you really can’t go wrong by over-communicating, here.

I hope you will be telling us more about how this happened.

Korbei83 said:

April 26th, 1:01 pm

If you have compromised my credit information, you will never receive it again.

The fact that you’ve waited this long to divulge this information to your customers is deplorable. Shame on you.

Excuse me while I go change my password.. oh wait. I can’t.

ToxicStatistic said:

April 26th, 1:01 pm

Don’t let the door hit your ass on the way out, 14 :)

It states that Sony needed to work with other firms to figure out what happened. All that info was not known 6 days ago.

lcmnick said:

April 26th, 1:02 pm

Jesus H.

Lopez9577 said:

April 26th, 1:02 pm

FUDGE!!! this they have my NAME, CITY, STATE, AND ADDRESSS, Sorry sony but you EFFED up BIG TIME man if someone steals my identity I will sue you to the MAX!!!!! believe me I am now deleting/deactivating all my accounts selling this crap of a system and buying an xbox360. seriously i was going to stick with you but if all my info has gotten out there that is pathetic man

cronqvist said:

April 26th, 1:02 pm

Well, that blows. I hope they find whoever got into the PSN and make that person pay. With tears. Of blood.

Or just to the legal extent to which the crime is punishable. That should work.

Tgebbs said:

April 26th, 1:03 pm

What about our trophies? Are they safe?

Xandure said:

April 26th, 1:03 pm

Well at least they’re coming forward with more information. The good news is they caught it early on and ceased all PSN Activity, protecting us in case some one was able to retrieve personal information.

I receive e-mails alerts from my bank whenever a transaction takes place on my debit card, so if there are any fraudulent mishaps, I will know immediately. I highly suggest everyone get this option set up either through your credit card company or your bank of choice.

I would like to make one request though, since you are trying to restore services, why not just bring back online play and just disable the PlayStation Store until further notice. This way we can still log in using our PS3’s and change any information necessary, such as passwords, and or credit card information.

Battlepope190 said:

April 26th, 1:03 pm

Good to see an in-depth answer to what’s going on.

EatDeath said:

April 26th, 1:03 pm

Really, how can some of you all react this way, a person going for information isnt going to make it so blatantly clear of what they took, just think of the other information scandals where to this day it is unknown what information they ran off with…Employing a security firm even seems to indicate that it took a lot of work to just find out what happened, certainly nothing known on the eve of last Tuesday…

ZERO_169 said:

April 26th, 1:03 pm

Finally another update!!!!!!

VisionaryLight said:

April 26th, 1:03 pm

You really should have told us this last week. This is completely unacceptable.

exterminator_123 said:

April 26th, 1:03 pm

YOU SEE WE GONNA HAVE TO CREATE NEW ACCOUNT

sid4peeps said:

April 26th, 1:04 pm

Also, in another Email, Sony states that there will be NO COMPENSATION to PlaystationPlus subscribers what-so-ever!!!

hanyPS said:

April 26th, 1:05 pm

hope it comes back better than before

dushku said:

April 26th, 1:05 pm

Thanks for the update.
Hope you fix everythig)

sid4peeps said:

April 26th, 1:05 pm

Anyone know of a place in Canada that is offering a good trade in for PS3 to Xbox360? Serious.

tonydamiani said:

April 26th, 1:06 pm

OMG O_o wow

jonabbey said:

April 26th, 1:06 pm

On that topic.. when you say that our password data may have been accessed, I hope you mean that our hashed, non-reversible password data may have been accessed.. right? You didn’t have our passwords in plaintext on your servers, did you?

xxnike629xx said:

April 26th, 1:07 pm

Talk about a massive wall of text..

Dear PlayStation,

Thank you for finally posting something….but again a lot of nothing, but this time in the form of a massive wall of text.

Thank you for compromising our personal information & credit cards.

: sarcasm ::

megamixer said:

April 26th, 1:07 pm

Reposting…

Its pretty sad that, throughout all of this PSN mumbo jumbo, we can still play many PS2 games online.

PSP/PS3 games? Nada.

Maybe this whole being connected 24/7 thing is a total dud (see: the utterly pointless WiiConnect).

@Patrick Seybold
Yikes. I hope my debit card is going to be safe. :| Now to think up a new PSN password for whenever the system gets back online.

Capshot18 said:

April 26th, 1:07 pm

It’s nice to see that info about this has been given. I know that you couldn’t say much earlier, but I’m glad we finally know more. For those who had their credit card info tied to their accounts, I hope that those weren’t taken. Anyway, it’s nice to see that the end is in sight.

xxnike629xx said:

April 26th, 1:07 pm

@jonabbey
We hope they encrypted all of our passwords instead of just having them out written in plain text.

>_>

VisionaryLight said:

April 26th, 1:08 pm

What about people in Canada or the rest of the world?

tomstockmail said:

April 26th, 1:08 pm

How long did the hacker have access

@21 / Lopez9477
Goodbye. Don’t come back.

xxnike629xx said:

April 26th, 1:08 pm

It looks like it’s time for me to take off my credit card information from my PS3 and instead resort to buying PSN Cards from stores and online.

ssjmichael said:

April 26th, 1:09 pm

Sony, why don’t you email all PS3/PSP owners? Not everyone reads the blog. You obviously have our email addresses since you spam us with Playstation store updates.

Your poor communication here will be remembered in the future

Blade133 said:

April 26th, 1:09 pm

This… is not a good thing. Judging by the way things look right now, a lot of people won’t be buying the NGP since it relies so heavily on the PSN.

adolson said:

April 26th, 1:09 pm

I should have known better than to trust Sony with my credit card info.

VixDiesel said:

April 26th, 1:09 pm

You guys are seriously dropping the ball here. You wait a week to finally say something legitimate and it might be something that can ruin the lot of us financially. Good thing I took my CC info off my account years ago but that’s besides the point.

This is being handled ass backwards and we seriously deserve better.

sid4peeps said:

April 26th, 1:10 pm

Gamestop has STOPPED accepting PS3s for trade-ins…?????? O_o

xxnike629xx said:

April 26th, 1:10 pm

Hey Sony! How about you guys taking responsibility for all 75 million users instead of telling us to keep track of it all while you guys do absolutely nothing?

This is ridiculously lazy of you guys and very irresponsible.

I’m a bit worried that I’ve invested so much of my money & time into your products.

tazinlwfl said:

April 26th, 1:11 pm

… dang
So… What’s the next step for us users? I don’t see any evidence that my bank info was stolen, but I’ll take those precautions to heart. But… What’s the fallout for this?

I love my PS3. I really like Sony and I support the developers 100%, but this really tests everyone’s patience. It really tests my patience.

Lopez9577 said:

April 26th, 1:11 pm

If my identity is stolen im going to sue sony

xxnike629xx said:

April 26th, 1:11 pm

@sid4peeps
If that’s true, maybe Sony plans on releasing a new PS3 model that is more difficult to hack and is compatible with this supposed new network Sony is doing.

PAGE 1 2 3 11
Comments are closed. We close the comments for posts after 30 days

PlayStation Blog