Sony admits personal data was not encrypted

Written by Joe Martin

April 28, 2011 // 10:45 a.m.

Tags: #hack #playstation-3 #playstation-network #psn #psn-credit-card #psn-hack #sony

Sony has admitted that the personal data of PSN users, which may have been illegally accessed in a recent attack on the system, was not encrypted.

Thankfully, credit card information was stored seperately to the personal data and was encrypted. Sony still claims it it is yet to find evidence that the personal or credit card data has been actually accessed or stolen, though the security system surrounding the files were compromised.

'All of the data was protected, and access was restricted both physically and through the perimeter and security of the network,' Sony said in a statement. 'The entire credit card table was encrypted and we have no evidence that credit card data was taken.

'The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.'

Sony is still advising customers to remain vigilant over their accounts, however.

'Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system.'

Sony is hoping to restore some PSN services by 3rd May next week, while the UK's Information Commissioner's Office is set to grill the company on its security systems.

Let us know your thoughts in the forums.

WEEK IN REVIEW

TOP STORIES

SUGGESTED FOR YOU