As you already know PlayStation Network was hacked into and breached between the dates of 17th and 19th of April. On the 20th Sony decided to shutdown PSN to limit the damage from whatever kind of attacks this user was doing. Fast forward to the 27th and we finally know the full extent of the breach.
"Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained." http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/
This is the actions that Sony felt they needed to take to insure our PSN accounts.
- Temporarily turned off PlayStation Network and Qriocity services;
- Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
- Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.
I am one of those people who have their Credit Card Info on PSN so that I can purchase things from PSN with ease. As a CC/DB card holder I understand that there is always an inherit risk whenever I do on-line shopping anywhere. No one is completely safe from someone who sole purpose is to screw with that person or company. I also understand that its Sony's job to make sure that when I sign on to PSN and put my info into that system that its protected and secured. Also I wouldn't have put that kind of info if i didn't trust that it was being protected. Well that trust has as of right now is being put into question after this incident and many PSN members are rightfully to be upset and angry about it.
Many PSN members at least on the PlayStation Blog feel that Sony was not being truthful from the start and that Sony was too busy talking amongst themselves to instead of talking to us on the 17th that there was an breach even though no one knew to what extent was the breach. While I do agree Sony could have been more forthcoming about this but I do believe that they took the best course of action to protect the consumer and PSN itself. The main thing that people are arguing about is rather or not they could have informed us sooner with an email statement as soon as Friday instead of waiting till the 26th to send that mail out. I am happy that at least for now it appears that Sony did stop the attack before it taking on major damage but then again our info MAY have been released out into the wild. This brings me to the main point of why I am sticking with PSN after all this.
I never had my Credit Card/Debit Card stolen nor have I ever run into any kind of trouble when I did any online shopping. This is the first time ever that my info MAY have been compromised since getting a CC/DB but I am not mad at all. Right now it there is a lot of information out there and I believe that it's going to take time to sort this thru. Sure I am a little concerned about it but not enough to go and cancel my card. At least not yet; not till I find out more about the situation and how I should proceed. I trust that Sony is doing everything they can to prevent such things from happening again and if they would've known beforehand that this was going to happen they would have done their best to stop it. Maybe I am naïve to think this is the truth when it is so easy to just let that cloud of doubt hover over my head till PSN is back online and I can change my info myself but as one my online buddies told me you can't go walking around in fear. Now could have Sony have communicated this better than what they did?
Of course you can always do better even though I think the real reason for the lack of DETAILED info was due to the fact that they didn't know either which is not an excuse either for them either. Just like a medical examiner at a morgue. They won't know how this person died till after the autopsy is done. Same situation here; all they knew was there was a breach and it wasn't confirmed till Monday. Now they did acknowledge on the 20th as I said earlier that there was an "external breach" of PSN and that right there should have told you that you should pay close eye to your CC/DB and check your statements to be on the safe side. I know I don't wait for others to tell me if something is bad for you; I go find out myself. Which is another problem within itself; that we have become a little too lax in the online space thinking that all is ok in the world; that nobody is going to touch myself. Of course Sony has to do their part to notify the public of the possibility that certain info may be in someone else hands other than Sony to cover theme selves because all you need is just one to be confirmed to ruin your day.
In the meantime if you are like me just double check your bank statements or credit card statements for any oddities and when PSN comes back online change your password. Also change your email passwords and replace it with something a little more challenging than abc123 and If you feel that is not enough or you don't feel safe with it on PSN delete it from PSN and get yourself a new CC/DB.
I have always monitored every transaction I've made on PSN and Xbox Live to insure that what I purchase was what I purchased. I also have a print out of all charges since signing up with both Xbox and PSN so even if something should happen I have enough info to dispute any charge that comes up. You should do the same when doing any form of online shopping and in many ways this is an wake up call for us who do anything online rather its blogging or just browsing the Internet.
I still plan on gaming on my PS3 and on PSN because I believe this will make not only PSN stronger but Xbox Live, Steam, Wii, and all the other on-line services stronger. This also sends an message to the gaming industry as an whole to take into account data security and taking the more than necessary pre-cautions to protect consumers from such attacks. Call me an optimist but I do beleieve that this will lead to better things.
My favorite comment pretty much summed up what I was trying to say:
"Sure you can say that PSN's hacking was a bigger situation, but look at it this way:
The US Air Force has been hacked.
The Pentagon has been hacked.
Microsoft has been hacked.
National Security files have been hacked.
If someone wants it, they'll get it... Don't blame PSN."