So, did you hear the news? Yeah! Big breaking stuff right now. Sony Computer Entertainment’s network was breached and sensitive consumer information was accessed. Oh you heard? Now your freaking out? Don’t worry, you are not alone. You and everyone’s mother seems to be up in arms about this whole fiasco. But before we start the mud slinging, playing the blame game, freezing all of your assets, and swearing that Sony will rue the day this all went down, stop. Take a deep breath. Now listen to what I have to say.
This is obviously a very upsetting and unfortunate event that has happened over the past week. But let’s be frank here, what is done is done and can not be changed. What can be changed now is how you react from here on out. The best thing you can do right now is stay calm and be aware remembering this number one rule: Nothing you do on the internet is completely secure. So considering what transpired, take the steps necessary to be in the know. Here’s a bit of [common sense] information on what you can do now.
You may have heard on various news sources on TV or read on the internet that your credit card info HAS been stolen. This has probably been the number one factor in causing the panic. Here are the facts that we know of right now thanks to a recent Q and A update from the PlayStation Blog:
Q: Was my personal data encrypted?
A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken.The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.
Q: Was my credit card data taken?
A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system.
At this moment, Sony is advising us to be cautious. Out of the 77 million PSN accounts there have only been a few unconfirmed cases reporting any type of fraud. Keep in mind now, credit card fraud is a common problem affecting millions worldwide every year. These unconfirmed cases may be legitimate, they may be made up, or they may be completely unrelated to the PSN hack. At this moment we do not know. It could have been stolen (no proof) or it could be just fine. But as with anything you do on the internet, you should be cautious – ALWAYS. Since there was a breach in security you do have reason to be more concerned.
However, there is no need to go cancelling credit cards messing up your credit score and freezing bank accounts over this. It would be advisable to check with your banks and other financial institutions to find out if they are aware of the situation though. Make sure they inform you (or you research) what kind of protection you are offered. Most have programs in place so that if you find any unauthorized use of your accounts and funds, you are not held accountable IF it is reported quickly.
If your PSN did indeed have a card (credit or debit) connected to it, you should be vigilant about any activity on your account (as you should always be). If you would feel more secure, go ahead and call your financial institution and do what the majority of people have been doing: ask for a replacement for your card which would have a new number. But make sure you think things through. Remember this is all precautionary – So if you have bill payments pending on that card and you change it you could be putting yourself in a bit of a web. So make sure you check everything you have your card linked to and decide for yourself if it is worth the risk at the moment.
Sony also has offered a list of institutions where you can go the extra mile with.You have the opportunity to check your credit (you are allowed one free credit check every year). You should always check your credit at least once a year anyway. Maybe this will give you that extra push to do it this time around. Or you have the options to put your accounts on fraud alert along with other tools that can assist you in your quest to reclaim your security.
The greatest risk you probably have right now are your passwords being used to hijack your other online accounts. This, you should be concerned about but can also easily fix. Any online accounts that you had associated with the same e-mail used in your PSN, change those passwords especially if they were similar to or identical to your PSN password. But here’s a hint for future notice: Never use the same passwords for anything.
As for your name and address being leaked, honestly, really, seriously, that was already on the internet for everyone to see. People searches and databases are all over and you can find your phone numbers, home addresses, even the names of your family and the people living in the same house with you on websites. At the same time, it may have been released via other major company hacks (these things are not uncommon by the way). The most likely outcome from this information being hacked is getting spam and scams in your e-mail or mail box. A key element missing here for ID theft is social security which the PSN does not ask for, nor should you ever supply. So once again, here is another warning to be cautious. Again in the PS Q and A session, Sony recommends the following:
For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well. To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports.
Also be aware of phishing e-mails that look legitimate but are not.
So take steps to be in control and be aware. We are all dealing with the flood of information out there. Some may be unsure of what to believe, but do not let that confuse you as to what you should be doing.
For more information on the whole PSN security breach, PlayStation has offered a few resources to have your questions answered. You should really take the time to read this:
A few other well written articles I have found useful are as follows:
Also you may want to check your government websites to see how you can protect yourself from ID theft and what assistance your government offers. As this is an international incident, you may need to check with yours locally but here is the ID Theft government website for the United States:
Stay tuned to GamerXChange for more.