PlayStation Network Security Update

443 1

On Tuesday, April 26 we shared that some information that was compromised in connection with an illegal and unauthorized intrusion into our network. Once again, we’d like to apologize to the many users who were inconvenienced and worried about this situation.

We want to state this again given the increase in speculation about credit card information being used fraudulently. One report indicated that a group tried to sell millions of credit card numbers back to Sony. To my knowledge there is no truth to this report of a list, or that Sony was offered an opportunity to purchase the list.

One other point to clarify is from this weekend’s press conference. While the passwords that were stored were not “encrypted,” they were transformed using a cryptographic hash function. There is a difference between these two types of security measures which is why we said the passwords had not been encrypted. But I want to be very clear that the passwords were not stored in our database in cleartext form. For a description of the difference between encryption and hashing, follow this link.

To reiterate a few other security measures for your information: Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well. To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports.

We continue to work with law enforcement and forensic experts to identify the criminals behind the attack. Once again, we apologize for causing users concern over this matter.

Our objective is to increase security so our customers can safely and confidently play games and use our network and media services. We will continue to provide updates as we have them.

Comments are closed.

443 Comments

1 Author Reply

  • What concerns me is there updating the sites that have lots to do with there stocks and such yet they gives a different story here… I don’t like that kind of thing. what they say to Blomberg and or other companies financial or otherwise vs those on the blog should be the same thing. We shouldn’t have to dig through Forbes, PC magazine, Blomberg, and a pluther of other adult geared sites. Sony is explaining to the adult masses what is going on…there just not using terms you can understand, so get off you high horse and hurry up and..WAIT..

  • I have a new Slogan:
    PS3 make believe it does everything.

  • This blog used to awesome with great *game* updates but wow, no PSN service / company updates. I’m disappointed on this extended outage. Sure I’d like my info to secure and not exposed but even a small update saying something if anything at all.

    The fact that we’re literally in the dark is just irresponsible of Sony. I had high hopes Sony would turn things around and show they’re a 1st class company but this is just ridiculous. If it weren’t for some excellent platform games and a bluray player, I would seriously consider other alternatives!

  • @ Jazzy…. agreed. And just because PSN is down means we can’t get any gaming new whatsoever on the blog anymore? Pfft?!? Everyone in the communications/social media department working on the new network? …..

  • What part of ” The PSN will not be fully Functional until the end of May” do you not get? and what part of “partial services maybe restored with the emphasis on the word “MAY” be restored this week?” The used the Wording “MAY BE”They never used “shall ort will,” they used Should and Could Which even th wording like Should gives wiggle room for error. and they could very well be under attack, maybe a rig wither servers got flat, a heck may be one of the drivers needed a donut??? who knows…?I am sure Sony is having just reason for it not being on-line.Maybe they have a Buggy Os?

  • Just had an interesting thought, no psn means no way to detect hacked Consoles. I hope I am wrong in this thinking.

  • Okay, decided, I want Brink. So need to add that to the games I want this year (disc based that is, and likely close to release date, if not pre-ordered with good bonus (which I see Brink has several options):

    Dirt 3, Brink, Battlefield 3 (if it does come out this year), and Elder Scrolls V: Skyrim

    Others that are coming out that I’ll wait for (likely get used at some point in the future): LEGO Pirates of the Caribbean. That’s about it. There are several games out there that I still want to add to my collection though. Infamous, GOW 1-3, Fallout New Vegas, Overlord 2, AC 2/Brotherhood, Batman: Arkham Asylum GOTY. Not to mention any kid type games for my kiddies (like All4One, etc). Combined that with any games I get from PS+ (if we get online that is), other games on PSN I already know I want, and the 35+ games I already got this year…..I think that should be good for ’11. lol If I can ever find full-time employment, my poor PS3 will wonder what happened. :D

  • well I think it is safe to say that there is only a select few of us that can log in because of the cookie issue..Its only been the same people over and over.there is what 30 of us on here able to log?

  • I’ve never logged out this whole time so never had to log back in since I’ve not cleared cookies in awhile, though needs to be done (darn kids). The blog never seems to change my avatar either, which I changed at least a week before the current outage, and it’s not Quark.

  • I was thinking of getting the latest online game for Final fantasy… won’t be PS3 based that is for sure. I wonder ho many FF accounts been affected by this?

  • hmm i guess Eropean states have a 7 day auto expiration date, here I think its 30 or 90? days? any one know on that?

  • *European Countries, not states lol..getting tired hewhe

  • I was looking forward to finally playing Killzone 3 online again

  • yea my avatar is the dude from socom 4 not lbp flag man :(

  • 401? :)

    I was looking forward to playing DH:A online again. :/

  • WHERE IS PSN?!!! and why is there so many rumors about japan .. their not true right?

  • Well, it looks lie Sony’s even taking flack on Wiki as well.

  • @402
    Maybe because a lot of people do not know Japanese so rumor is easier to spread??
    To my knowledge and from Sony’s Japan site they are not true.

    Question to Sony: Will PSP/PSP Go also get a firmware update in order to change password or PS3 is the only one that can change it?

  • What about the facebook accounts we linked to our profile? Were they compromised as well?

  • so still no psn today?

  • I THINK WE SHOULD GET BACK AT SONY FOR NOT GIVING US A DATE BY NOT LOGINING IN UNTIL SUMTIME NEXT WEEK..LETS GIVE THEM THE EXACT HEADACHE THEY ARE GIVING US! >:/

  • @407 giving you sry but don’t put ppl involve in something that your irritated about.

  • “Tokyo, May 1, 2011 – …. announced they will shortly begin a phased restoration by region of PlayStation®Network and Qriocity™ services, beginning with gaming, music and video services to be turned on.”

    Shortly? 3 days later and not even an update to this “shortly”. No where in the world of business does “shortly” mean 3 DAYS. Hey Bossman, I’ll have that report to you “shortly” …. turn it in 3 days later and see what happens.

    Let’s recap. We’ve heard 1-2 days (when this first all began), NOT EVEN IN THE BALLPARK with that total clueless guess from Sony. We’ve heard within a week (with a disclaimer entwined in the sentence), and a week has past and went. And we’ve heard “Shortly”…which apparently means at least 3 days….

    (cont)

  • HEY PATRICK….what does SHORTLY mean in Sony language? And give us an update. Does anyone work in your department or they “working around the clock” with the programmers/IT to get the system online (riiiiight)……or did you have to give them all vacations to cut labor costs.

    And, why aren’t we seeing any information on games whatsoever for weeks on the blog?!?!? I don’t know who pulls the strings around this blog, but they do an absolutely PATHETIC job at it….and I’m the one unemployed and could, without question, do a better job. [DELETED]

    “Sony recorded consolidated annual sales of approximately $78 billion for the fiscal year ended March 31, 2010.”

    $78 BILLION dollars and we, THE CUSTOMERS, can’t get ONE PERSON to answer a question SPECIFICALLY RELATED TO THEIR PRODUCT.

    DISGUSTING! Going bad to worse around here. Someone in the Social Media Dept needs to do their [DELETED] job.

  • hmmm…awaiting moderation perhaps for the 2nd post….or wasn’t accepted. In any case….I’ll just summarize it, someone in the Social Media department needs to do their flippin’ job.

    Anyways, with regards to the customer appreciation and the Plus plan. How about making those “free” games aka borrowed games, ACTUALLY FREE to keep forever. THAT would be appreciation.

    …I’m not happy about: 1. Any and all new game information has been non-existent for 2 weeks on the blog.
    2. 3 different “suggestive” dates to when we’ll be back online from Sony, not one of them has been true as “suggested”
    3. Continued lack of consistent communication from Sony.

    Signed,

    A wavering, extremely long-time and loyal PS customer.

  • Pat 1 of 2
    Ok I see where things are getting a tad confusing for people Es[ecailly when some gaing sites Like Play station Move reviews and CEV been posting this kind of story:
    The following article was posted Apr 29, 2011;
    Sony says that it has “temporarily turned off PlayStation Network and Qriocity services” to tighten the security on the network. According to Caplin the network can be expected to return “within a week from yesterday” which means by May 4.

    These are the stories that people are clinging to.Where as the business side is stating these types of Stories:
    Sony Security Breach Could Cost $2 Billion
    Will the company lose online gaming business?
    May. 4, 2011, 9:32 am
    Ask business analysts how much the Sony Corp. (NYSE: SNE ) security breach that compromised customers credit card and personal information could cost the entertainment company and they’ll likely say upwards of $2 billion. Ask customers whose have spent time changing passwords, calling banks and the credit bureaus to safeguard their financial future how much it will cost Sony and they might say you can’t put a price tag on trust.

  • Part 2/2

    Not because the breach happened. Other companies and financial institutions have had their systems hacked and personal information compromised and most customers haven’t stopped doing business with them. But Sony didn’t immediately tell customers there was a problem
    It took Sony nearly a week to announce that hackers infiltrated their PlayStation Network System, and that the personal information of nearly 77 million customers could have been stolen. Now we learn that nearly 25 million accounts at Sony Online Entertainment (SOE) also were compromised.
    We’re not talking just any information. Hackers hit the jackpot, gaining access to specific and comprehensive information such as names, addresses, gender, date of birth, phone number, email address, login name and passwords. Worse still, the personal information of kids and teens may be included because the breach included video game accounts.
    Source : Investor Place . com

  • s1mpl3______j4ck

    is PSN gunna be up today?

  • Damn it Sony give us another update or something

  • well couple more days and i really start thinking about selling my ps3 and buying xbox…

  • God Sony, “this week” doesn’t mean wait till the Sunday night.

    At least give us an update.

  • @Szamal…. I just replaced my first PS3 with a new slim a few months ago….had I known then what I know now, I likely would’ve converted. :/ So if I feel that way, just imagine how many people that were considering buying a PS3 before this ‘event’ transpired, let alone any other Sony product at this point, are purchasing other brands now. I’ll be interested in seeing sales figures for consoles beginning in April thru end of the summer.

    As someone who has never really looked into the XBox, what I see over there, esp. in terms of sheer number of games available (and prices), I have to say I like what I see. Some cool features over there. What I find funny about all this is I never, and I mean never, ever considered the XBox before, never been to their site, etc etc….yet, after coming to SONY’S blog and seeing how they respond and treat their loyal customers, I’ve gone there several times over the past couple months. I’ve already got my 8 yr old on the PS side of things (you’re welcome), but if I go, he will be right behind my decision (oh yeah, he’s not happy that I can’t even tell him anything new to what is going on….thanks.) All I’m asking for is information.

    You should be ashamed Sony.

  • @431
    i had x360 sometime ago but when i got ps3 i sold it cause i didn’t use it. but that was times when there’s no xbl in my country. now it’s different. i stick with the ps3 because it did the job (i mean i could play on it online when i wanted to) and it really doesn’t matter that much to me on which system i play.

  • At least with Xbox 360, you never hear of Microsoft losing your personal details! Ridiculous Sony!

  • SOOPERGOOMAN187

    Diresgard that last statement, I never posted yesterday. Now I wonder how that happened SONY? Hmmm did someone get my details? Did They? You wont answer anyone let alone me. I didn’t sell all my stuff but it sure is collecting dust. My cookies I have em set to never expire, either that or you can copy the cookie, then when you get to the point that it has expired you can copy it back into your browser and be able to login again. Still find it disgracefully funny that I can log in here but not psn…..

  • Good riddance to all of you who are leaving the PS3 for another console. That just means less of you [DELETED] online. Thank you, That’s All, and good bye.

  • @Autoxfool – I agree with your sentiments in your 1 post (#431). As I have mentioned before, I’ve already have had a 360 (& for quite some time too, I might add), but I always considered it my secondary system, w/ my PS3 being my primary one. While I’m unlikely to immediately go out & sell my PS3, if only due to the sheer amount of stuff I’ve bought via the PSN Store on both of my PSN accounts which I’d lose access to if I sell my system, I have serious reservations over buying anything else – be it via the PSN store or @ a brick & motar store. I may very well focus more money/time into my 360. This is rather significant seeing as I’ve been a heavy Sony supporter since getting a PSone in April ’97 & had been buying games, systems, accessories, etc like no other. Hell, in some circles, I’ve been labeled as a Sony fanboy. If my faith in Sony can waiver, what does that say for others, or even the state that Sony’s in?

  • @autoxfool – I may add that, while the current PSN issue is the most widespread issue that affects the most ppl to date, this isn’t the 1st issue that I’ve had w/ Sony. Not once, but twice last spring (within 10 weeks of each other), I had gotten the dreaded YLoD. I go through the process of sending in my PS3 to have it repaired/replaced. Under ordinary circumstances, that would be the end of the story & just would’ve been mildly annoyed by the YLoD, *BUT* I had an issue w/the video content that I had previously bough on this account. Unlike PSN games, which can be put on up to 5 systems & Sony maintains a download list for them which is easily accessible, they don’t do that w/ videos. In the end all, on both occaisions, I had to make multiple calls to Sony, talk to reps that often enough don’t know what they’re talking about, and do ALOT of complaining to not only them, but to misc. gaming talk shows on internet radio to get the word out on the issue. Even then it took awhile to get my videos back. Initially, they wanted my to rebuy everything. Umm… no. I have ALOT of videos. I’m no Daddy Warbucksby any means, & even if I were, I wouldn’t rebuy them out of sheer principle.

  • @autoxfool – to make things worse, many people out there do not have their original PS3s in which they created their PSN account/s anymore for w/e reason, be it due to theft, YLoD, or w/e. On rare occaisions, some PSN accounts have old email addresses that are old, out-of-date, etc. With that being said,those people may have issues when it comes to getting things back in order/regaining access to their accounts once PSN does come back online. At best, this this would be a headache-inducing hassle for them, & at worst, they may not even regain access to their accounts at all. See the issue here? Speaking only for myself here, but I’m not perticularly happy over this whole mess to put it as mildly as possible. While it may not have been totally avoidable, Sony certainly could’ve handled things better IMHO & taken steps to mitigate certain issues.

  • sell your PS3 and get an xbox360. Sony is not turning the PSN back on for a looong time.

  • @440; That doesn’t make sense. There are plenty of amazing single player games on the PS3 to play while waiting. 360’s games are usually best at online which you have to pay for access to, yet pay the same price for the game itself as the PS3 version of multiplats.

    If someone can’t stand not playing online for awhile, then they should go to PC instead of the 360. The PC is far better in the online space.

  • Info too late. Change PR firms Sony.

  • PSN: u said on ur blog that we will get playstation plus for free for 30 days? what happened to that i sign in and i didn’t get playstation plus.

Please enter your date of birth.

Date of birth fields