Sony Admits Total PSN Security Breach - Hackers Have User Info

If you are like me, you have not been able to log onto the PlayStation Network since the middle of last week. What you might still not know is why - it's because the PSN got hacked, and it looks like it might be one of the largest single consumer security breaches in history.

Sony finally came clean today about the "external intrusion" that took PSN down, and admitted that all 69 Million PSN user accounts have probably been compromised. Here is the data that Sony is SURE has been compromised if you have a PlayStation Network Account:

-Your name
-Your address (city, state, and zip)
-Country
-E-mail address
-Birthday
-PSN password and login name

Sony says it is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained,". While the company claims that there is "no evidence" that credit card information has been compromised, it won't rule out the possibility.

Best bet is to assume that the hackers have your credit card information too and cancel the card you use for that account. If you stored your debit card information on PSN - well, shame on you - you should DEFINITELY cancel it and get a new one.

Even Sony said:

"If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained."

Sony really is VERY sorry about all this, and they do apologize for the inconvenience.

Yet another reason why we DO NOT allow customer accounts on the RACS store site, nor do we allow you to store your personal and/or payment information on the site. Sure that makes it easier to shop and checkout, but if PSN can get hacked, anyone can. Best way for us to secure your personal information is not to store it at all.

UPDATE: Sony released an FAQ blog post that said credit card data was encrypted and separate from the other data, which was not encrypted but was "behind a very sophisticated security system that was breached in a malicious attack."

UPDATE 2: 2.2 Million Credit Card Numbers From PlayStation Network May Be Up for Sale