In addition to emailing each of the 77 million PSN users to inform them that their personal information has been compromised, Sony yesterday posted a FAQ addressing the more common questions and comments. However, the company has taken things one step further, posting what appears to be the first in a series of Q&As on the official PlayStation Blog.
Q&A #1 covers a lot of the same ground as yesterday’s FAQ. That said, there are some details in there that were not previously disclosed by Sony. In response to the frequently asked question, “Was my personal data encrypted?” Sony has issued the following response:
In case you missed it yesterday, personal data compromised in the attack includes your name, address (city, state, zip), country, email address, birthdate, and PlayStation Network/Qriocity password and login and handle/PSN online ID. Sony says it’s also possible that your profile data, including purchase history and billing address (city, state, zip) was compromised. The company did not elaborate as to whether passwords and PSN/Qriocity IDs were included in the unencrypted personal data table.
Of course, the good news in all this is that credit card information, whether it was stolen or not, was encrypted. Sony says there’s no evidence to suggest that credit card info was compromised, but stresses that it can’t rule that out, and advises users to take the appropriate precautions to protect themselves against credit card fraud.
For those less worried about their personal data and more concerned with when PSN will be back online, Sony is sticking to the same statement it released yesterday:
“Our employees have been working day and night to restore operations as quickly as possible, and we expect to have some services up and running within a week from yesterday. However, we want to be very clear that we will only restore operations when we are confident that the network is secure.”
Check out the Q&A here, and yesterday’s FAQ here. Stay tuned and we’ll keep you posted should FAQ #2 appear.
It's bad enough they have the personal info, which for whatever "professional" reason was not encrypted.
One more reason to trust Sony, now that I know they have a "very sophisticated security system". Because, everyone knows, a" very sophisticated security system" is sooooo much easier to setup instead of just encrypting the f#$%^ data!
fixed it for them
He didn't get "settlement money", he got the chance to not be sued by a major corporation, which is a good outcome in his situation. He also got an injunction, so if he were to be linked to this in any way, or further tampered with Sony products, he would either face SEVERE civil fines or even criminal charges. He got the chance to walk away, not doing so would be a horrible mistake.