[ISN] PlayStation credit card data was encrypted

From: InfoSec News <alerts_at_private>
Date: Thu, 28 Apr 2011 02:32:43 -0500 (CDT)
http://www.zdnet.com.au/playstation-credit-card-data-was-encrypted-339314012.htm

By Darren Pauli
ZDNet.com.au
April 28th, 2011

Sony has confirmed that the credit card details possibly stolen in a 
breach of its PlayStation Network (PSN) were encrypted.

Customer names, addresses, email addresses, birthdays, PlayStation 
Network and Qriocity passwords and user names, as well as online user 
handles, were obtained illegally by an "unauthorised person", according 
to Sony. The data was accessed between 17 and 19 April and potentially 
affects up to 75 million customers.

The tech giant said on its blog that "all credit card information stored 
in our systems is encrypted", but added that it cannot rule out the 
possibility that the card data was stolen.

It said that it was only an "abundance of caution" on its part that had 
caused it to advise customers that credit card numbers and expiration 
dates may have been compromised. Security codes and Card Code 
Verification numbers are not recorded on the network.

While the strength of encryption has not been revealed, its existence is 
welcome news for users of the compromised networks because it reduces 
the likelihood that details can be used to commit fraud.

[...]


___________________________________________________________      
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Received on Thu Apr 28 2011 - 00:32:43 PDT

This archive was generated by hypermail 2.2.0 : Thu Apr 28 2011 - 00:40:07 PDT