A few days ago, Sony spoke out about the PlayStation Network breach in great detail, delivering potentially devastating news. It looks like there is finally some good news regarding the fiasco, though, as Sony assures us that trophies, friend lists, PS+ cloud saves and account download history remain intact and will be restored when the network goes live once again.
As for the worst potential piece of news that came out of this whole nightmare — users’ credit card information being stolen — Sony claims that the credit card information was indeed encrypted, which, even if the info was stolen and decrypted, removes some of the negativity surrounding Sony, as anything can be hacked regardless of its encryption and security, so at least Sony was responsible regarding the most sensitive information they guard.
Stated on Sony’s official FAQ about the network breach:
All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.
While Sony has yet to find any indication that user credit card information was stolen and claim they did indeed encrypt the sensitive info, they do admit they didn’t encrypt the other personal information, but it was behind sophisticated security. However, online security expert with TrendMicro Kevin Stevens claims that a list of stolen data — including credit card numbers and security codes — from over 2.2 million accounts is being shopped around nefarious circles. He does, however, admit he doesn’t have the list, so is unable to verify the authenticity of the supposed information held within.
Sony has been stating the opposite since the beginning of this mess, and continues to claim that there is no evidence that credit card information was stolen, but that directly conflicts with the supposed list Stevens claims is floating around. For the sake of PSN users, we’re hoping Sony knows what they’re talking about.