PlayStation breach affects credit data

Big increase is only risk to economy, survey finds

  • Follow Business

LOS ANGELES --- Sony Corp. said Tuesday that the credit card data of PlayStation users around the world might have been stolen in a hack that forced it to shut down its PlayStation Network for the past week, disconnecting 77 million user accounts.

Some players brushed off the breach as a common hazard of a connected world, and Sony said some services would be restored in a week. But industry experts said the scale of the breach was staggering and could cost the company billions of dollars.

"Simply put, one of the worst breaches we've seen in several years," said Josh Shaul, the chief technology officer for New York-based Application Security Inc., one of the largest database security software makers in the U.S.

Sony said it has no direct evidence credit card information was taken, but said "we cannot rule out the possibility."

It said the intrusion was "malicious" and that the company hired a security firm to investigate. It has taken steps to rebuild its system to provide greater protection for information and warned users to set up fraud alerts.

"Our teams are working around the clock on this, and services will be restored as soon as possible," it said in a blog Tuesday.

The company shut down the network last Wednesday after it said account information, including names, birthdates, e-mail addresses and log-in information was compromised for certain players. Sony says people in 59 nations use the PlayStation network.

Purchase history and credit card billing address information might also have been stolen, but the intruder did not obtain the three-digit security code on the back of cards, Sony said. Spokesman Satoshi Fukuoka said the company has not received any reports yet of credit card fraud or abuse resulting from the breach.

Shaul said that not having proof of information theft should not instill a sense of security and could mean Sony just didn't know what files were touched.

"They indicated that they're worried about it, which is probably a very strong indication that everything was stolen," he said.

If the intruder successfully stole credit card data, the heist would rank among the biggest known thefts of financial data.

Michael Brant, 52, a railway worker in Columbus, Ohio, said the outage prevents him from playing Call of Duty on a team with his 8-year-old grandson.

"Everybody gets hacked," he said. Brant said he would not hold a long-term grudge against Sony "as long as they get the stuff back up and running and nobody has to suffer from it."


Search Augusta jobs