To say that Sony has a mess on its hands may be the understatement of the year. On Tuesday, Sony posted a blog entry that provides some more information on the recent PlayStation Network hack. According to Sony, hackers obtained users' names, addresses, e-mail addresses birthdates, and account login and password, and may have also taken users' security questions and answers. If you set up a sub-account for your child, that information may also be in hackers' hands.
How widespread is this hack, you ask? Reuters and other news outlets are reporting that in all, as many as 77 million accounts may have been hacked, based on the number of PSN accounts. Sony also states, "While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained."
To give you some context, this is roughly twice the population of California, and equivalent to approximately 25 percent of the total United States population (based on 2010 census estimates).
Watching Your Back
For the time being, Sony has temporarily disabled its PlayStation Network and Qriocity services so it can analyze these services for other security issues. Sony is advising its customers to watch for e-mail and postal mail scams orchestrated by data thieves, and to stay on the lookout for anything suspicious on your credit report or financial account statements.
You should regularly check your credit report: If you live in the United States, you are entitled to one free credit report per year from each of the three major credit reporting agencies by visiting annualcreditreport.com. From there, you should put a fraud alert on your credit report. Fraud alerts only last for a few months, so you may want to contact the credit reporting agencies in a few months to extend it.
Also, there's the issue of passwords. You shouldn't use the same password for multiple accounts (i.e. your eBay account, PlayStation Network account, and online banking account). But if you did use your PlayStation or Qriocity login password for multiple online accounts, you should change it immediately.
Taking these steps can go a long way toward preventing your personal information from being used fraudulently under any circumstances--you should be checking your credit report regularly and be password-smart under any circumstances.
Stay with PCWorld for more on the PlayStation Network hack as more information comes to light.