Watch CBS News
X-SciTech

Sony: PlayStation credit data possibly stolen

/ CBS/AP

Add CBS News on Google

LOS ANGELES - Sony says credit card data of PlayStation users may have been stolen in an intrusion that has caused its PlayStation Network to be put out of commission for the last week.

The company shut down the network, which connects players in live game play worldwide, last Wednesday after it says account information for certain players was compromised.

With some 70 million players in the network, the Sony breach could rank among the largest ever. Chalk it up to coincidence but the disclosure of the cyber-intrusion comes less than a month after customers at dozens of companies found out that their names and e-mail addresses got exposed in a breach at e-mail marketing service provider Epsilon.

Sony says it has hired an outside security firm to investigate what happened and has taken steps to rebuild its system to provide greater protection for personal information.

Sony says an unauthorized person obtained information including players' names, addresses, birth dates, email addresses, passwords and log-in names. Although it has no evidence credit card information was taken, Sony said "we cannot rule out the possibility."

What caused the Playstation Network outage
PlayStation Network outage: 6 days and counting

"Out of an abundance of caution, we are advising you that your credit card number (excluding security code) and expiration date may have been obtained," Sony said in a blog posting. According to the latest update, the account information for the PlayStation Network and its Qriocity service was penetrated sometime between April 17 and April 19.

Sony also warned that user profile data, including purchase history and billing address as well as PlayStation Network/Qriocity password security answers may have been obtained.

"While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained," it said.

© 2011 CBS Interactive Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.

View CBS News In
CBS News App Open
Chrome Safari Continue