Sony this afternoon disclosed that an “unauthorized person” hacked into its PlayStation Network online gaming system and obtained personal information about users of the system.
The company had previously said that an external intrusion had forced it to shut the system down, causing a high-profile outage over the past week. But today the news got worse for PlayStation Network users.
An excerpt from the company’s post on the issue.
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
The post, also being sent as a message to PlayStation Network users, outlines steps for them to take to protect their personal information and credit card data, including changing their passwords on other accounts if the same as the one used for their PSN login.