Man, Sony’s PlayStation Network just can’t catch a break can it? After telling worried gamers that it was unsure if credit card information was stolen, then telling people it was stolen, Sony is now saying all credit card info was encrypted and should be secure. So what is the real story?
Q: Was my personal data encrypted?
A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.
Q: Was my credit card data taken?
A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however, that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system.
That’s reassuring to know. Now, all PlayStation gamers are waiting for is PSN to go back up so they can change their passwords and move along like everything is kosher. Sony’s handling of the entire PSN outage may leave a bitter taste in the mouths of loyal PS3 and PSP owners, but isn’t knowing you won’t have to cancel all you credit cards and apply for new ones a nice feeling? As anyone who’s lost a credit card or had their identity stolen knows, it’s a royal kick in the butt to fix it all in the aftermath.