Sony PlayStation = Identity Theft?

If you have a Sony PlayStation in the house you may be one of the 77 Million who have lost some Personal and Private information. This week, Sony announced the following PlayStation Network user account information was compromised in connection with an illegal and unauthorized intrusion into their network: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password, login, handle/PSN online ID, purchase history, billing address (city, state, zip), and your password security answers. If you created any sub-accounts for dependents or others, their info is compromised as well.

If that isn’t enough, a file containing your credit card number may also have been compromised. There’s a little good news on this front, your 3 digit security code from the back of your card was not lost and the file was encrypted, though Sony is not commenting on its strength. The reason the 3 digit security code was spared you ask? Sony never asked you for it so they didn’t have it to lose.

What threats do we face because of this?
1) Scams looking for even more sensitive info like Social Security Number.
2) Phishing emails referencing your account containing malware or links to malware.
3) Someone tries to get credit or opens accounts in your name.
4) Criminals testing to see if you’ve used the same password for other on-line services.
5) Criminals reset other on-line service passwords by using your security answers.
6) The Credit Card encryption is defeated and your account has fraudulent charges

What to do?
1) Consider having the credit bureaus place a “fraud alert” on your file.

2) If you used the same Sony password for several sites, get them changed. “Re-purposing” passwords is a bad idea exactly for this reason. We suggest using a password storage program and recommend the free one listed on our web site under Useful Links.

3) Consider canceling the credit card number Sony has and get a different one.

4) If someone contacts you claiming to be from Sony looking for more info, they aren’t. Here’s a quote from Sony, “Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.”

5) When the PlayStation Network is restored, log on and change your password. Sony has taken it down for a few security improvements.

6) As always, be ever watchful of anyone asking for Private information and verify they actual represent who they claim to represent.


About securitysnapshot

Security Snapshot LLC is a computer and information security company helping concerned business owners protect their reputation and their client's private and personal information.
This entry was posted in Current Threat, Digital Privacy, ID Theft, Phishing, Scams. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s