UPDATE: We received a small chunk of the compromised passwords, check to see if your name is on this list
Sony has some bad news for PSN users, confirming that PSN personal information is “believed” to be in the hands of an “unauthorized person.” Users who use the same password for multiple accounts should make immediate changes to all of their online accounts.
Sony has confirmed that the PSN outage by what it called an “external intrusion” a few days ago has resulted in the theft of the personal information of the roughly 70 million active PSN accounts. A post today on the PlayStation Blog by Senior Director of Corporate Communications and Social Media Patrick Seybold said that as early as April 17 account information may have been stolen.
“We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network,” Seybold wrote.
There is a laundry list of compromised personal information, including the loss of logins, passwords, street addresses, and purchase histories. Even credit card information could be at risk, though Sony is “no evidence” theft of credit card information occurred.
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained (emphasis added).
In response to the intrusion, Seybold wrote that Sony turned off the PSN, contacted an outside security firm for assistance, and quickly stepped up efforts to strengthen PSN infrastructure.
Change your passwords, keep careful note of charges to your accounts, and keep an extra eye out for things out of place with your personal accounts. Stay tuned to gamrFeed for further updates.
Source: PlayStation Blog