Hackers put Playstation Network users' credit card details at risk

Users of Sony's Playstation Network (PSN) have been warned that their credit card details may have been stolen after the service was targeted by hackers.

The company said that data might have fallen into the hands of an "unauthorised person" following a security breach that happened between 17 and 19 April. The PSN service, which is used by the Playstation 3 and Playstation Portable consoles, has been offline since last Wednesday.

Sony confirmed that the following information had been stolen: name, address, country, email address, date of birth, Playstation Network password and login and PSN online ID. The company is still refusing to confirm that credit card details have definitely been obtained by hackers.

In a statement, Nick Caplin, head of communication for Sony Computer Entertainment Europe, said that while there was "no evidence that people's credit card details were compromised", users should be wary of "email, telephone, postal mail or other scams" that ask for personal information.

Sony said that all user accounts may have been affected. In an online FAQ Sony said credit care numbers and expiry dates could have been stolen. The company also confirmed that card security codes had not been obtained.

Graham Cluley, of internet security company Sophos, said that the news was "very disturbing" and that the breach was a "PR and security disaster for Sony". He also warned Playstation Network customers to take the potential theft of credit card details very seriously.

"If Sony loses your credit card information, it's no different from you losing your credit card - you should cancel that card immediately," he said.

The Information Commissioner's Office (ICO), which ensures personal data is stored and handled in accordance with UK law, said that it took any data protection breaches "extremely seriously". The ICO added that it would be contacting Sony about the issue.

"We are contacting Sony and will be making further enquiries to establish the precise nature of the incident before deciding what action, if any, needs to be taken by this office," said the ICO.

Sony said that it was still investigating the issue and that the service would remain offline until the company had been "reasonably assured" that security concerns had been addressed. Sony also said that it would deal with claims for compensation when the service was fully restored.

James Newton, news editor of PlayStation website Movemodo said that Sony had lost face "by not being more honest with its customers from day one". He also said it was wise to be cautious about the security breach:

"As with any such security breach I think it's healthy to be cautious about this, so treat any suspicious emails with more scepticism than usual and change passwords for your email and social network accounts if they use the same log-in details as your PSN network."

Concerned users in the UK can contact Sony's customer support department on 0844 736 0595. For more information, you can read the FAQ on the Playstation Network security breach.