After a week of PSN downtime, and various rumours flinging around the net, Sony has confirmed that the reason for the service outage: “malicious actions” that compromised user privacy.
And it could be entirely down for another week yet, according to a new post on the PlayStation Blog.
“We are currently working to send a similar message to the one below via email to all of our registered account holders regarding a compromise of personal information as a result of an illegal intrusion on our systems,” reads the post.
“These malicious actions have also had an impact on your ability to enjoy the services provided by PlayStation Network and Qriocity including online gaming and online access to music, movies, sports and TV shows. We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week.”
The message to PSN users goes on to be a little more worrying, with Sony advising users to check they’ve not been the victim of fraud.
Says the post: “We believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained.
“While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.”
This is pretty serious stuff, and a lot of people are going to be very angry with Sony right about now. They might have quite some explaining to do – especially as to why they waited a whole week to tell PSN account holders that their extremely sensitive information might have got into some dodgy hands.
Because quite frankly, the only thing I’m thinking is: how could they possibly think it was okay not to tell us that?