What started as an annoying break in gameplay is now a major data security breach. Yesterday, Sony confirmed that hackers had obtained personal and payment information from the PlayStation Network.
According to Sony, the following information has been compromised: user name, address, country, e-mail address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID.
The company said it’s also possibly that users’ purchase history and billing address as well as PlayStation Network/Qriocity password security answers may have also been released.
This is certainly a big data breach and spells a lot of trouble for Sony’s image, but there’s no need for consumers to panic. Just deal with it the same you deal with any data breach:
1. Change your passwords: It’s tedious, but users should immediately change the username or password of any account that shares common info with their PSN account. This is particularly important if the e-mail account you’ve given to Sony shares a password with your gaming account. If you can, it might also be a good idea to change up any common password security questions (i.e. your mother’s maiden name, your first pet) Sony’s account may share with other accounts.
When Sony’s services come back online, users should change that password as well.
2. Watch your mailboxes: Whoever attacked Sony’s network now has a ton of personal information on PSN users — a goldmine for targeted phishing scams. You should always be wary of any e-mails that ask for password or account information, but be extra vigilant because hackers will be better able to tailor their e-mails to individual users.
Sony has said that it will not send out e-mails asking for PSN usernames and passwords, so anyone receiving an e-mail like that should delete it without responding.
And because the breach leaked physical addresses, users should be wary of snail mail scams, too.
3. Keep an eye on your finances: Sony said that it doesn’t have any evidence that payment information has been compromised but that users should assume their credit card information — minus security codes — have been leaked out of an “abundance of caution.” Watch your bank accounts closely and let your bank know about any unauthorized charges.
The very proactive might want to let their banks know they consider the account linked to the PSN compromised or even cancel their cards altogether, Graham Cluey of the Internet security company Sophos advised.
4. Talk to your kids about it: Sony said that subaccounts authorized by a main account may have also been compromised. So parents who’ve set up accounts for their kids should be on the lookout for scams and change any passwords or usernames that may have been affected.
Older kids might still be more concerned about not being able to use the PSN than they are about the implications of a data breach, so parents should take this opportunity to remind their kids to be on the lookout for anything fishy .
Have a good security tip? Let us know in the comments.