updated 04:45 pm EDT, Tue April 26, 2011
Sony confirmes PSN account info exposed
Sony in a follow-up post confirmed fears that the PSN and Qriocity hack had exposed users' accounts. Both personal information and account names, including sub-accounts, were obtained by an "unauthorized person." No credit card information was in the hacker or hackers' hands, but Sony "cannot rule out the possibility" that it happened, the company's corporate communications lead Patric Seybold said.
The multi-day voluntary takedown of the site was to let a third-party security investigator research the incident and bolster both PSN and Qriocity. Sony now had a "clear path" to getting the services back online, but the restoration might take up to a week to get any services back online.
Sony stopped short of recommending that customers change credit cards but warned them to be more vigilant about their accounts in case they notice any unusual activity. They were also urged to watch out for e-mail, letter, and phone scams.
The disruption may have been the worst in Sony's history and came at a time just as Sony was hoping to overcome bad publicity by settling the George Hotz lawsuit. Microsoft may not necessarily be more secure against an attack but, to date, hasn't had a major security breach on Xbox Live in the roughly ten years since it has been active.
Its timing was also unfortunate as the disclosure followed just after Sony unveiled its S1 and S2 Android tablets, both of which lean strongly on the Qriocity service that was just compromised.