PlayStation Network Breach: Sony Says Credit Card Info Was Encrypted

All we've heard so far from the PlayStation Network and Qriocity hacking debacle are bad things -- namely, that personal data, including user names, passwords, and possibly stored credit card information may have been compromised. However, here's something to ease your mind: all stored credit card info was encrypted.

Just one day after Sony revealed that personal user data may have been compromised, the company uploaded a Q&A blog post on its website. Sony's director of communications and social media, Patrick Seybold, wrote that "all of the data was protected" and that "the entire credit card table was encrypted and we have no evidence that credit card data was taken."

Of course, what we can draw from this is not only that stored credit card info is (probably) safe, but that the non-credit card info was not encrypted. And it wasn't, as Seybold writes, "The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack."

Sony says there is no evidence that the (encrypted) credit card info was compromised, but of course it "cannot rule out the possibility." Sony has assured users that the three-digit security code on the back of their credit cards has not been compromised, as Sony has never requested it from anyone who has joined PSN or Qriocity.

So, that's some good news in all of the bad news, right? Still, it's a good idea to put a fraud alert on your card and watch your account for any suspicious activity (or, if you can afford it, just cancel your card and get a new one).

Follow Sarah on Twitter (@geeklil) or on Facebook

Subscribe to the Security Watch Newsletter

Comments