Sony Working With Law Enforcement On PSN Hack
In the latest update on the PlayStation Network issue, Sony said it was working with investigators after hackers stole data from users of the network, and told users it would restore services only when it was confident it was secure.
The PlayStation Network and Qriocity streaming music service were turned off on April 20 in the wake of an "external intrusion" according to Sony.
"We are currently working with law enforcement on this matter as well as a recognised technology security firm to conduct a complete investigation," Seybold said in a blog posted Thursday on the PlayStation website.
"This malicious attack against our system and against our customers is a criminal act and we are proceeding aggressively to find those responsible."
Sony added that it was possible hackers had taken users' credit card data.
"While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility," Seybold said, warning that "...we are advising you that your credit card number and expiration date may have been obtained."
Sony said that all the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted. However, the personal data table, which is a separate data set, was not encrypted, but was, "behind a very sophisticated security system that was breached in a malicious attack."
Sony said it was "working day and night to restore operations as quickly as possible" and expected to have some services up and running within a week.
"However, we want to be very clear that we will only restore operations when we are confident that the network is secure," Seybold said.
Sony could face legal action across the globe after the security breach of its PlayStation Network.
In the United States, several members of Congress seized on the breach. One U.S. law firm filed a lawsuit in California on behalf of consumers.
Attorneys general, who act as consumer advocates, had begun investigating the matter or reviewing it with staff in several states, including in Iowa, Connecticut, Florida and Massachusetts, according to their offices.
U.S. regulators could get involved as well.
Britain's Information Commissioner's Office said it had contacted Sony and was investigating whether it violated laws that require it to safeguard personal information.
"We are currently working with law enforcement on this matter as well as a recognised technology security firm to conduct a complete investigation," Seybold said in a blog posted Thursday on the PlayStation website.
"This malicious attack against our system and against our customers is a criminal act and we are proceeding aggressively to find those responsible."
Sony added that it was possible hackers had taken users' credit card data.
"While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility," Seybold said, warning that "...we are advising you that your credit card number and expiration date may have been obtained."
Sony said that all the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted. However, the personal data table, which is a separate data set, was not encrypted, but was, "behind a very sophisticated security system that was breached in a malicious attack."
Sony said it was "working day and night to restore operations as quickly as possible" and expected to have some services up and running within a week.
"However, we want to be very clear that we will only restore operations when we are confident that the network is secure," Seybold said.
Sony could face legal action across the globe after the security breach of its PlayStation Network.
In the United States, several members of Congress seized on the breach. One U.S. law firm filed a lawsuit in California on behalf of consumers.
Attorneys general, who act as consumer advocates, had begun investigating the matter or reviewing it with staff in several states, including in Iowa, Connecticut, Florida and Massachusetts, according to their offices.
U.S. regulators could get involved as well.
Britain's Information Commissioner's Office said it had contacted Sony and was investigating whether it violated laws that require it to safeguard personal information.
