Sony says stolen PlayStation credit data encrypted
NEW YORK >> Sony is telling PlayStation users that it had encrypted the credit card data that hackers may have stolen, reducing but not eliminating the chances that thieves could have used the information.
Sony Corp. said in a blog post Wednesday that while it had no direct evidence the data was even taken, it cannot rule out the possibility. It did not say how strong the encryption was, and it is possible for hackers to decipher files that are weakly encrypted — it’s just more difficult.
"All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken," the company wrote in its blog post.
On Tuesday, Sony had said that account information, including names, birthdates, email addresses and log-in information, was compromised for certain players using its PlayStation Network. In an earlier blog post, the company had said that data had not been encrypted and had been kept in a separate location from the credit card information.
The company said it is in the process of moving its network infrastructure and its data center to a new, more secure location, though it did not give any more details. And it said it is working with law enforcement to investigate who is responsible for the attack.
Sony shut down the network last Wednesday after it said account information, including names, birthdates, email addresses and log-in information was compromised for certain players in the days prior. It said it expects to have some services back up by next Tuesday, though it added it will only restore operations if it is confident that the network is secure.
Don't miss out on what's happening!
Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!
Microsoft Corp., meanwhile, warned players on its Xbox Live network that they may be the subject of "phishing" attempts while playing "Call of Duty: Modern Warfare 2" online. It said on its support website that it is working to resolve the issue. Phishing scams are attempts to pry personal information out of people, most often through official-looking emails but also other types of messages.
Microsoft declined to comment on the Sony situation.
""The security around our Xbox Live service and member information is our highest priority. Other than that, we have no comment," said spokesman David Dennis late Wednesday.
Sony says that of the 77 million PlayStation Network accounts, about 36 million are in the U.S. and elsewhere in the Americas, 32 million in Europe and 9 million in Asia, mostly in Japan.