PlayStation Universe

PSN crisis: Credit card info is encrypted, says Sony

  • submit to reddit

on 29 April 2011

In an FAQ document recently posted on the Official PlayStation Blog, Sony has assured PlayStation Network users that all credit card information is encrypted when submitted, and as such should not be susceptible to attack by hackers.

"Q: Was my personal data encrypted?

A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack."

However, this does not mean that Sony is ruling out the possibility that data was stolen during the breach that occurred between the 17th and 19th of April.

"While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code, sometimes called a CVC or CSC number) and expiration date may have been obtained."

Since the news of the unauthorized breach, many major credit card companies such as American Express and MasterCard have been on the lookout for any suspicious transactions that could be linked to the incident.

Once again, we’d like to remind our readers to not give out any of their personal information if contacted in the future, especially by someone who claims they are a representative of Sony Computer Entertainment or PlayStation Network.