PSN ID
by First off, we want to again thank you for your patience. We know that the PlayStation Network and Qriocity outage has been frustrating for you. We know you are upset, and so we are taking steps to make our services safer and more secure than ever before. We sincerely regret any inconvenience or concern this outage has caused, and rest assured that we’re going to get the services back online as quickly as we can.
We received a number of questions and comments yesterday and early today relating to the criminal intrusion into our network. We’d like to address some of the most common questions today. We are also going to continue to post updates to this blog with any
additional information and insight that we can over the next few days.We are reading your comments. We are listening to your suggestions. Please keep them coming.
Thank you.
Q: Are you working with law enforcement on this matter?
A: Yes, we are currently working with law enforcement on this matter as
well as a recognized technology security firm to conduct a complete
investigation. This malicious attack against our system and against our
customers is a criminal act and we are proceeding aggressively to find
those responsible.
Q: Was my personal data encrypted?
A: All of the data was protected, and access was restricted both
physically and through the perimeter and security of the network. The
entire credit card table was encrypted and we have no evidence that
credit card data was taken. The personal data table, which is a
separate data set, was not encrypted, but was, of course, behind a very
sophisticated security system that was breached in a malicious attack.
Q: Was my credit card data taken?
A: While all credit card information stored in our systems is encrypted
and there is no evidence at this time that credit card data was taken,
we cannot rule out the possibility. If you have provided your credit
card data through PlayStation Network or Qriocity, out of an abundance
of caution we are advising you that your credit card number (excluding
security code) and expiration date may have been obtained. Keep in
mind, however that your credit card security code (sometimes called a
CVC or CSC number) has not been obtained because we never requested it
from anyone who has joined the PlayStation Network or Qriocity, and is
therefore not stored anywhere in our system.
Q: What steps should I take at this point to help protect my personal data?
A: For your security, we encourage you to be especially aware of email,
telephone, and postal mail scams that ask for personal or sensitive
information. Sony will not contact you in any way, including by email,
asking for your credit card number, social security number or other
personally identifiable information. If you are asked for this
information, you can be confident Sony is not the entity asking. When
the PlayStation Network and Qriocity services are fully restored, we
strongly recommend that you log on and change your password.
Additionally, if you use your PlayStation Network or Qriocity user name
or password for other unrelated services or accounts, we strongly
recommend that you change them, as well. To protect against possible
identity theft or other financial loss, we encourage you to remain
vigilant, to review your account statements and to monitor your credit
reports.
Q: What if I don’t know which credit card I’ve got attached to my PlayStation Network account?
A: If you’ve added funds to your PlayStation Network wallet in the
past, you should have received a confirmation email from
“DoNotReply@ac.playstation.net” at the email address associated with
your account. This email would have been sent to you immediately after
you added the funds, and will contain the first 4 digits and last 4
digits of your credit card number. You can also check your previous
credit card statements to determine which card was attached to your
PlayStation Network or Qriocity accounts.
Q: When or how can I change my PlayStation Network password?
A: We are working on a new system software update that will require all
users to change their password once PlayStation Network is restored. We
will provide more details about the new update shortly.
Q: Have all PlayStation Network and Qriocity users been notified of the situation?
A: In addition to alerting the media and posting information about it on
this blog, we have also been sending emails directly to all 77 million
registered accounts. It takes a bit of time to send that many emails,
and recognize that not every email will still be active, but this
process has been underway since yesterday. At this time, the majority of
emails have been sent and we anticipate that all registered accounts
will have received notifications by April 28th. Consumers may also visit
www.us.playstation.com/support and www.qriocity.com
for notices regarding this issue. In addition, we have taken steps to
disseminate information regarding this issue to media outlets so that
consumers are informed.
Q: What steps is Sony taking to protect my personal data in the future?
A: We’ve taken several immediate steps to add protections for your
personal data. First, we temporarily turned off PlayStation Network and
Qriocity services and, second, we are enhancing security and
strengthening our network infrastructure. Moving forward, we are
initiating several measures that will significantly enhance all aspects
of PlayStation Network’s security and your personal data, including
moving our network infrastructure and data center to a new, more secure
location, which is already underway. We will provide additional
information on these measures shortly.
Q: Has Sony identified the party or parties responsible for
the PlayStation Network hack and subsequent theft of personal
information?
A: We are currently conducting a thorough investigation of the situation
and are working closely with a recognized technology security firm and
law enforcement in order to find those responsible for this criminal act
no matter where in the world they might be located.
Q: When will the PlayStation Network and Qriocity be back online?
A: Our employees have been working day and night to restore operations
as quickly as possible, and we expect to have some services up and
running within a week from yesterday. However, we want to be very clear
that we will only restore operations when we are confident that the
network is secure.
Source
We received a number of questions and comments yesterday and early today relating to the criminal intrusion into our network. We’d like to address some of the most common questions today. We are also going to continue to post updates to this blog with any
additional information and insight that we can over the next few days.We are reading your comments. We are listening to your suggestions. Please keep them coming.
Thank you.
Q: Are you working with law enforcement on this matter?
A: Yes, we are currently working with law enforcement on this matter as
well as a recognized technology security firm to conduct a complete
investigation. This malicious attack against our system and against our
customers is a criminal act and we are proceeding aggressively to find
those responsible.
Q: Was my personal data encrypted?
A: All of the data was protected, and access was restricted both
physically and through the perimeter and security of the network. The
entire credit card table was encrypted and we have no evidence that
credit card data was taken. The personal data table, which is a
separate data set, was not encrypted, but was, of course, behind a very
sophisticated security system that was breached in a malicious attack.
Q: Was my credit card data taken?
A: While all credit card information stored in our systems is encrypted
and there is no evidence at this time that credit card data was taken,
we cannot rule out the possibility. If you have provided your credit
card data through PlayStation Network or Qriocity, out of an abundance
of caution we are advising you that your credit card number (excluding
security code) and expiration date may have been obtained. Keep in
mind, however that your credit card security code (sometimes called a
CVC or CSC number) has not been obtained because we never requested it
from anyone who has joined the PlayStation Network or Qriocity, and is
therefore not stored anywhere in our system.
Q: What steps should I take at this point to help protect my personal data?
A: For your security, we encourage you to be especially aware of email,
telephone, and postal mail scams that ask for personal or sensitive
information. Sony will not contact you in any way, including by email,
asking for your credit card number, social security number or other
personally identifiable information. If you are asked for this
information, you can be confident Sony is not the entity asking. When
the PlayStation Network and Qriocity services are fully restored, we
strongly recommend that you log on and change your password.
Additionally, if you use your PlayStation Network or Qriocity user name
or password for other unrelated services or accounts, we strongly
recommend that you change them, as well. To protect against possible
identity theft or other financial loss, we encourage you to remain
vigilant, to review your account statements and to monitor your credit
reports.
Q: What if I don’t know which credit card I’ve got attached to my PlayStation Network account?
A: If you’ve added funds to your PlayStation Network wallet in the
past, you should have received a confirmation email from
“DoNotReply@ac.playstation.net” at the email address associated with
your account. This email would have been sent to you immediately after
you added the funds, and will contain the first 4 digits and last 4
digits of your credit card number. You can also check your previous
credit card statements to determine which card was attached to your
PlayStation Network or Qriocity accounts.
Q: When or how can I change my PlayStation Network password?
A: We are working on a new system software update that will require all
users to change their password once PlayStation Network is restored. We
will provide more details about the new update shortly.
Q: Have all PlayStation Network and Qriocity users been notified of the situation?
A: In addition to alerting the media and posting information about it on
this blog, we have also been sending emails directly to all 77 million
registered accounts. It takes a bit of time to send that many emails,
and recognize that not every email will still be active, but this
process has been underway since yesterday. At this time, the majority of
emails have been sent and we anticipate that all registered accounts
will have received notifications by April 28th. Consumers may also visit
www.us.playstation.com/support and www.qriocity.com
for notices regarding this issue. In addition, we have taken steps to
disseminate information regarding this issue to media outlets so that
consumers are informed.
Q: What steps is Sony taking to protect my personal data in the future?
A: We’ve taken several immediate steps to add protections for your
personal data. First, we temporarily turned off PlayStation Network and
Qriocity services and, second, we are enhancing security and
strengthening our network infrastructure. Moving forward, we are
initiating several measures that will significantly enhance all aspects
of PlayStation Network’s security and your personal data, including
moving our network infrastructure and data center to a new, more secure
location, which is already underway. We will provide additional
information on these measures shortly.
Q: Has Sony identified the party or parties responsible for
the PlayStation Network hack and subsequent theft of personal
information?
A: We are currently conducting a thorough investigation of the situation
and are working closely with a recognized technology security firm and
law enforcement in order to find those responsible for this criminal act
no matter where in the world they might be located.
Q: When will the PlayStation Network and Qriocity be back online?
A: Our employees have been working day and night to restore operations
as quickly as possible, and we expect to have some services up and
running within a week from yesterday. However, we want to be very clear
that we will only restore operations when we are confident that the
network is secure.
Source
