PlayStation.Blog
PS4 - The Last of Us Remastered

Q&A #1 for PlayStation Network and Qriocity Services

Patrick Seybold's Avatar + Posted by Patrick Seybold on Apr 27, 2011 // Sr. Director, Corporate Communications & Social Media

First off, we want to again thank you for your patience. We know that the PlayStation Network and Qriocity outage has been frustrating for you. We know you are upset, and so we are taking steps to make our services safer and more secure than ever before. We sincerely regret any inconvenience or concern this outage has caused, and rest assured that we’re going to get the services back online as quickly as we can.

We received a number of questions and comments yesterday and early today relating to the criminal intrusion into our network. We’d like to address some of the most common questions today.

We are also going to continue to post updates to this blog with any additional information and insight that we can over the next few days.

We are reading your comments. We are listening to your suggestions. Please keep them coming.

Thank you.

Q: Are you working with law enforcement on this matter?
A: Yes, we are currently working with law enforcement on this matter as well as a recognized technology security firm to conduct a complete investigation. This malicious attack against our system and against our customers is a criminal act and we are proceeding aggressively to find those responsible.

Q: Was my personal data encrypted?
A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.

Q: Was my credit card data taken?
A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system. UPDATE: While we do ask for CSC codes, we do not store them in our database.

Q: What steps should I take at this point to help protect my personal data?
A: For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well. To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports.

Q: What if I don’t know which credit card I’ve got attached to my PlayStation Network account?
A: If you’ve added funds to your PlayStation Network wallet in the past, you should have received a confirmation email from “DoNotReply@ac.playstation.net” at the email address associated with your account. This email would have been sent to you immediately after you added the funds, and will contain the first 4 digits and last 4 digits of your credit card number. You can also check your previous credit card statements to determine which card was attached to your PlayStation Network or Qriocity accounts.

Q: When or how can I change my PlayStation Network password?
A: We are working on a new system software update that will require all users to change their password once PlayStation Network is restored. We will provide more details about the new update shortly.

Q: Have all PlayStation Network and Qriocity users been notified of the situation?
A: In addition to alerting the media and posting information about it on this blog, we have also been sending emails directly to all 77 million registered accounts. It takes a bit of time to send that many emails, and recognize that not every email will still be active, but this process has been underway since yesterday. At this time, the majority of emails have been sent and we anticipate that all registered accounts will have received notifications by April 28th. Consumers may also visit www.us.playstation.com/support and www.qriocity.com for notices regarding this issue. In addition, we have taken steps to disseminate information regarding this issue to media outlets so that consumers are informed.

Q: What steps is Sony taking to protect my personal data in the future?
A: We’ve taken several immediate steps to add protections for your personal data. First, we temporarily turned off PlayStation Network and Qriocity services and, second, we are enhancing security and strengthening our network infrastructure. Moving forward, we are initiating several measures that will significantly enhance all aspects of PlayStation Network’s security and your personal data, including moving our network infrastructure and data center to a new, more secure location, which is already underway. We will provide additional information on these measures shortly.

Q: Has Sony identified the party or parties responsible for the PlayStation Network hack and subsequent theft of personal information?
A: We are currently conducting a thorough investigation of the situation and are working closely with a recognized technology security firm and law enforcement in order to find those responsible for this criminal act no matter where in the world they might be located.

Q: When will the PlayStation Network and Qriocity be back online?
A: Our employees have been working day and night to restore operations as quickly as possible, and we expect to have some services up and running within a week from yesterday. However, we want to be very clear that we will only restore operations when we are confident that the network is secure.

//Add Your Own

352 Comments   1 Reply

PAGE 1 2 3 8

1

+ yazter on April 27th, 2011 at 5:15 pm said:

After 80 plats and one week I feel as though I’m “over” PSN

I won’t deny that I miss it, but I doj’t think I’ll be using it as often as I did, esp. since I got an Xbox 360 just recently.


    Patrick Seybold's Avatar

     

    + Patrick Seybold on April 29th, 2011 at 10:43 am said:

    As our friends at Destructoid pointed out, I was incorrect on the last point of the credit card question above. I want to make an important distinction: While we do ask for CCV codes, we do not store them in our database. It is transmitted to our payment processors for verification purposes only. Deep apologies for the confusion.


2

+ yazter on April 27th, 2011 at 5:16 pm said:

One week of no PSN**


3

+ chicagodave on April 27th, 2011 at 5:17 pm said:

Thank you for the update.


4

+ BlindMango on April 27th, 2011 at 5:17 pm said:

Thanks for answering more questions Sony, I hope you can make the service secure enough this time to where this wouldn’t happen again. I hope PSN is back up soon but I got enough single-player games and trophies to tide me over until then!


5

+ leukoplast on April 27th, 2011 at 5:18 pm said:

I want to know if deleting my Credit card info off the PSN did me any good, I had it deleted a few months ago after my last purchase. Or if that info was still on the servers after I had cleared it.


6

+ BlueFrog007 on April 27th, 2011 at 5:18 pm said:

Hope these people are caught. I think gamers worldwide would love a new Sony PSN series about bringing them to justice :D


7

+ Train1999 on April 27th, 2011 at 5:18 pm said:

Still looking forward to using Playstation Network whenever it comes back online. Been a Playstation Gamer since 1995. Hopefully well worth the wait.


8

+ Stoffinator on April 27th, 2011 at 5:19 pm said:

I imagine this is been a nightmare for you guys. Its sad to hear our personal info wasn’t encrypted as well. But regardless, I just want it back online. I am surprised there is no mention of game content.

1) How will our download history be affected?
2) Trophies. Will these still be intact?
3) Friends list?


9

+ Christian399 on April 27th, 2011 at 5:20 pm said:

Can everyone stop the chickenlittling already? Of the 77 million, a chunk of those are dupe accounts. Change your password, cancel your CC if you’re extra paranoid, not 16 and living in your mom’s basement. The hyperbole of the internet and the loud-mouthed trolls barking from behind their computer screens are deplorable. I’m pretty sure that everyone’s name, address and date of birth are already on a thousand sites and data repositories across the web BEFORE this incident ever occurred. The only really concern is CC info, which, as I’ve already stated, you can rectify by calling the appropriate financial institution (and it looks as if that info is safe anyhow).

Btw, everyone will forget about this nonsense in 2 days for the greater nonsense of a royal wedding. I’m Canadian and I don’t even give a $hit.

Sony, you might want to appease the internet mob regardless by giving them that damned X-game chat and a few other nice features. (I could care less, never use it on Live as I don’t like my games being interrupted.)

God bless the single player game. This whole thing hasn’t affected me in the least.


10

+ guitoorbenchi on April 27th, 2011 at 5:21 pm said:

just called my bank and had my debit card replaced. Better to not take the chance.


11

+ zAnti-Virus-z on April 27th, 2011 at 5:21 pm said:

….


12

+ KwietStorm on April 27th, 2011 at 5:22 pm said:

Thanks for the info. I hope you have people attempt to breach the new infrastructure before it goes live.


13

+ EatDeath on April 27th, 2011 at 5:24 pm said:

Wow they are gonna hunt down that thief.

The post was so technical…it would have been ridiculous if CC information wasnt encrypted…

Hope for more Q&A’s


14

+ Christian399 on April 27th, 2011 at 5:24 pm said:

Oh, and Sony, consumers will be looking for a strong hand applied to the perps. Beef up your network, add extra features, maybe give out a free game. But crack down on whoever did this or you’ll look like fools. Plus, it’ll allow you to slough off a great deal of the spotlight onto an “diabolical” information terrorist.

Not the ideal time, but I still haven’t forgotten about my WKC 2 campaigning :) Some info on the Blog when things calm down please! :) Ask them if we’ll get the DLC too!


15

+ BlindMango on April 27th, 2011 at 5:25 pm said:

Also, it’s good you will require a password change upon log-in, I was hoping that you guys would do that.


16

+ SlyCooper22 on April 27th, 2011 at 5:25 pm said:

17th yay


17

+ clupula668 on April 27th, 2011 at 5:25 pm said:

Thanks for the update. I doubt it’ll do very much to ease those who insist on overreacting, but for those of us who can remain rational, we appreciate it.

Anxious to be able to play online again, but the security comes first and I do have a ton of single player games to keep me busy until then.


18

+ megalodonshark on April 27th, 2011 at 5:26 pm said:

just out of curiosity, what will be done in favor of all the people who have been affected by not being able to utilize sony for its’ online services? i was beginning to get accustomed to seeing some sort of dlc every single week whether or not i purchased it. but think of all the people that use your system, and how much money we have spent on the different items from the store, i hope sony can find a way to ensure future and further support of the system, especially since this is going to be a minimum of 2 weeks for a large amount of people.


19

+ VixDiesel on April 27th, 2011 at 5:27 pm said:

Thanks for the answers but it’s still not enough, ya know?

Were the funds in our wallets compromised?

What if we have a subscription to something, Netflix, DCUO, Free Realms, etc., will we get compensation for that?


20

+ Joe_1234 on April 27th, 2011 at 5:28 pm said:

what does psn stand for?
yes this is me being smart.


21

+ Ramage on April 27th, 2011 at 5:29 pm said:

Cancelled my CC today without even trying (I mentioned PSN and the guy said please hold and told me they’d send me a new card o_O) . Glad to see the CC data was encrypted.

I’ve also heard that our passwords for our accounts may have been compromised. Is this true? Doesn’t make sense to me as passwords are usually stored in a one way hash but I’m curious.

I have to say this is THE BEST update (regarding this fiasco) that I’ve seen. Please keep us posted. I don’t know about others but I can’t wait to get back on PSN (albeit I will be using a one use gmail account, unique password, and all my money in my wallet will be through PSN cards instead of CC)

Srsly, I have gamefly and i’m done with portal 2 SP. Just get the friggin network up so I can platinum this thing already!


22

+ hellboy1794 on April 27th, 2011 at 5:29 pm said:

dont we get anything after all this problem? like a free item from the PS store?


23

+ CaptTM on April 27th, 2011 at 5:30 pm said:

Please get it done soon I miss gaming on the PSN, and a possible week wait well that’s just plan darn =*(


24

+ BlindMango on April 27th, 2011 at 5:31 pm said:

#9

Agree with his questions, please answer them on the next Q&A.


25

+ duke301 on April 27th, 2011 at 5:31 pm said:

Finally, some progress. If most of the questions in that FAQ said something like ‘We cannot comment at this time,’ I would really have been disappointed. But it sounds as if Sony is on top of everything.Thank you for this update, and good luck with the impending class action lawsuits.


26

+ dinene1 on April 27th, 2011 at 5:32 pm said:

so besides a better security system and whatnot will sony somehow compensate for the time that psn has been down?


27

+ The-Jack-Burton on April 27th, 2011 at 5:32 pm said:

@yazter, beat it you troll, have fun with all of those 360 exclusives. So lame. You sound like a petulant child, and you probably are.

Thanks for the update, I’m glad you are pursing this aggressively to bring these criminals to justice. While it is frustrating for everyone affected by this, you have my full support, now and into the future. I really do want to thank you for all of the high quality entertainment your company has afforded me and my family for over two decades.


28

+ mixedkidbx on April 27th, 2011 at 5:32 pm said:

I had called my bank today and got the debit card deactivated, and then went to the bank near me to pick up a temp till the new card gets sent to me.

I rather just change cards then to take the chance. Lets face it, even encrypted info can be un-encrypted.


29

+ datastorm98632 on April 27th, 2011 at 5:33 pm said:

The Security Breach even have investors worried. in the stock market.
stock in Sony Corp. /quotes/comstock/64e!6758 JP:6758 -3.17% /quotes/comstock/13*!sne/quotes/nls/sne SNE -1.83% fell 3.5%, extending its drop in the previous session on concern about the security breach of PlayStation customer data. The shares’ advance came despite data showing Japanese industrial production fell by a record 15.3% in March, due to the earthquake and tsunami.


30

+ starfox_6456303 on April 27th, 2011 at 5:33 pm said:

What do you mean by “some” of your services?


31

+ SGAShepp on April 27th, 2011 at 5:34 pm said:

Thanks Sony. And its nice to know you are seemingly taking strong steps to get everything in the green, and prevent this in the future. It must suck to have everyone point the finger, even though these low-life hackers are to blame. Keep at er’!


32

+ zekececil14 on April 27th, 2011 at 5:34 pm said:

READ THIS SONY!
Advise us on the blog that we will receive an email. In that email there will be a preset security question, answer, and a password. Then we use the password and question the hackers don’t know about, and change then to what we prefer.


33

+ datastorm98632 on April 27th, 2011 at 5:35 pm said:

I can see that sony’s Stock securitys have had issues as well.
stock in Sony Corp. fell 3.5%, extending its drop in the previous session on concern about the security breach of PlayStation customer data.


34

+ tinycpw91 on April 27th, 2011 at 5:36 pm said:

coincidence i bought new vegas right before this happened…..i think not!


35

+ JONGREY on April 27th, 2011 at 5:39 pm said:

Thank you Sony. I’m sorry that so many people are over reacting. I think you have handled this very well, except for a few foggy comments which have left people to believe its worse than it really is. This post certainly clears out a few of those doubts. One thing you could answer is if failed or deleted credit card data was kept on the servers. Also to tell us if our trophies are secure since many of us do really enjoy them. I trust that you are doing your very best, and I hope to be back on the network soon. Regardless I’d still keep my PS3 without the network, I just don’t think the rest of the community would share the same enthusiasm.


36

+ zekececil14 on April 27th, 2011 at 5:40 pm said:

“We are reading your comments. We are listening to your suggestions. Please keep them coming.”
^LIKE


37

+ bigdaddykraven on April 27th, 2011 at 5:41 pm said:

Trying to turn this into a positive…with the move to new servers, rebuilding the network and all that will we see improved performance on the PSN?


38

+ Jin_Kusanagi on April 27th, 2011 at 5:43 pm said:

I prefer to stay here and wait, to go to Halobox where I know I’ll HAVE to pay to play online.

And after years with Sony, sommething like this wouldn’t change my mind.

Ppl that say they will change to Halobox, I’m pretty sure, they use Microsoft Windows….
And…?
Well….Windows isn’t that safe either, and we still use it =p so what? XD


39

+ zekececil14 on April 27th, 2011 at 5:43 pm said:

9
Well, trophies are on your PS3. All you need to do is re-sync them with the server.


40

+ datastorm98632 on April 27th, 2011 at 5:43 pm said:

More bad news for Sony Corp. (SNE-N29.03-0.76-2.55%), and more bad news for Sony investors: Immediately after the technology company tried to invigorate its reputation with the announcement of two tablet computers to compete against Apple Inc.’s iPad, it announced that in mid-April a hacker stole account information from its PlayStation Network, which has about 75 million accounts.


41

+ adolson on April 27th, 2011 at 5:45 pm said:

What is with all the people asking for something free out of this? Is a $10 PSN game going to make up for having your personal info and possibly decryptable credit card info out there in the hands of hackers? Really? That’s the price of your privacy, ten measly dollars?


42

+ Rick1220 on April 27th, 2011 at 5:45 pm said:

Great update, Sony. I am very happy to see that you are really getting your act together on these updates. Well done.


43

+ tinycpw91 on April 27th, 2011 at 5:47 pm said:

@27, unless you have DCUO which if i’m correct in saying, is the only game on the ps3 that requires a monthly subscription, they don’t have to compensate us for the network being down, we don’t pay to access it.


44

+ Conrad_Max on April 27th, 2011 at 5:47 pm said:

Thank you, Mr. Seybold, for the information. I think you can guess how much I am missing being online and in PlayStation Home. Keep up the good work and take your time. We want this as perfect possible.


45

+ Zinacef on April 27th, 2011 at 5:47 pm said:

Question: Is Xbox and their services vulnerable to such an attack as was suffered by Sony? Their forums are a buzz that they are invulnerable to any such encounters.


46

+ datastorm98632 on April 27th, 2011 at 5:48 pm said:

Sony’s Revenues slid from 4.5-billion yen in 2008 to just 2.9-billion yen in 2010.
Sony’s American Depositary Receipts trading in New York have fallen nearly 30 per cent from their post-recovery high early in 2010. And, the ADRs are down more than 50 per cent from their pre-recession highs in 2007. Indeed, they now trade at a price seen in 2003.
Is Sony Heading for a fall?


47

+ zekececil14 on April 27th, 2011 at 5:48 pm said:

So if you heard our suggestions, is X-CHAT being integrated? Lol, although it would be nice, it isn’t that important.


48

+ datastorm98632 on April 27th, 2011 at 5:49 pm said:

Jepsen also is looking into a data breach involving Sony PlayStation’s online network, which may affect as many as 77 million users. The data breach may include personal information such as user names, addresses, birth dates, e-mail addresses, account login data and, possibly, credit card information. Sony’s network includes more than just video games; it is also used to access Netflix, Facebook and Twitter.


49

+ fuzzyclutter on April 27th, 2011 at 5:50 pm said:

I don’t know if you guys are reading the other posts so i’ll just post here , when psn goes back online … i might not be near my ps3 to change info . whats being done to prevent thieves from associating my account to their ps3 (effectivly stealing it) before i get the chance to change info ?


50

+ zekececil14 on April 27th, 2011 at 5:53 pm said:

Also, do you guys know why our friends list sorting got screwed up? When you sorted by status, it put everyone online on top, and in alphabetical order. Then out of nowhere, it still put the online friends up top, but they were in very random orders. It was different every time. I had Ws on top, Z’s in the middle, it was crazy.


PAGE 1 2 3 8
Comments are closed. We close the comments for posts after 30 days