Changing your PIN number now would not be a bad idea.
Late last week, I noticed that our house PS3 would not allow me to connect to the PlayStation network. We'd recently recovered from a major WiFi outage and I assumed the problem had something to do with our ISP. When thousands of other users reported the same issue, it became obvious that the outage was more widespread. Now, after days of rumors and a sustained PlayStation Network Outage, Sony has made an official statement. And it is bad. From the announcement:
Don't Miss: Nintendo Switch: Everything You Need To Know
"...we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID."
So some hacker(s) now have access to all of that data. And maybe more. Sony also warned that profile data, purchase history, your billing address and your PSN/Qriosity passwords may have been exposed. In essence, any data that you have ever provided to Sony through PSN has been compromised. This may even include credit card information.
"While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained."
Quite frankly, this is one of (if not the) biggest private data leaks in recent history. And the possible exposure of millions of credit card numbers is quite frightening. The fact that Sony put out the caution they did is evidence that the risk of exposure is significant.
If you believe your account may have been compromised, I'd recommend filing a Fraud Alert on your file. Sony was kind enough to collect the agencies you can do that with here:
"Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013 Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241 TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790"
How Bad is this For Me: The best thing about this leak- from a personal security standpoint- is its sheer size. Even if credit card data was leaked, it will take time for the parties responsible to make use of it. There's a LOT of information to sort through. At the very least, PSN users would be wise to alter their PIN number immediately. If you make a large number of purchases through Qriocity or PSN, you may want to send off for a replacement credit card.
How Bad is this For Sony: Potentially fatal. Qriocity is a big part of Sony's tablet plans. And a security breakdown like this will make users less likely to spend money through it in the future. The bad press and immediate stock hit this will cause pale in comparison to the damage a total loss of consumer trust will provoke. At the very least, this could cost Sony millions in console/tablet sales and online media purchases. At its worst, the damage could swell into the billions.
Don't Miss: Incredible Pokemon Gifts
Is this Sony's Fault: From a legal standpoint, absolutely. From a practical standpoint? It really is too early to tell. Sony seems to have taken the right initial actions. Taking down PSN immediately and bringing in an outside security firm were the only responsible moves to make. It will be days- possibly weeks, before we know just how this attack was carried out. At that point, we'll know whether the fault lies in lax security...or some innovative new hacking strategy.