The Average Gamer

Sony’s PSN Hacked – What Should You Do?

So, if you own a PlayStation 3 or have tried to download anything onto your PSP or PSP Go over the past 6 days, you probably noticed that you couldn’t connect to the PlayStation Network servers. Sony have finally explained why the PSN was taken down on their official PlayStation blog.

Basically, a hacker got into the system and probably has the following information from your account and any sub-accounts:

  • Your registered address
  • Country
  • Email address
  • Birthdate
  • PlayStation Network/Qriocity password – if you’ve
  • Login
  • Password security answers
  • Handle/PSN online ID

There’s no evidence this information was taken, but they can’t prove that it wasn’t:

  • Purchase history
  • Billing address
  • Credit card number (but not cvv2/security code)
  • Card expiration date

Also, your credit card details were encrypted.

Further details are in the Official PlayStation Outage FAQ.

Crap. So what do we do?

Don’t panic.

  1. If you used the same password on PSN that you did on other accounts, go into those accounts and change your password now There are great suggestions on choosing secure, memorable passwords at WikiHow. Applying an algorithm for each site is very useful and simple to remember.
  2. If you tend to use something like “Mother’s maiden name” for multiple accounts, go into those accounts and change your security question now.
  3. Most credit card companies now require extra checks for online shopping like Verified by Visa on top of the CVV2 code from the back of your card, so you don’t need to worry too much about shopping. Keep an eye on your statements for the next month anyway.
  4. However… with your DOB, billing address, card number and mother’s maiden name, the hackers may have enough info about you to lie their way into all sorts of things. I’d seek advice from your mortgage handler/personal banker/anyone else with important info. At the very least those people need a heads up that your info is no longer secure. They should be able to build other checks into their systems – I know my bank always ask for the amount and location of a recent withdrawal.
  5. Your biggest risk is probably identity theft. Get a copy of your credit report from a credit reference agency like Experian, Call Credit or Equifax, in a few weeks time. Make sure there’s no unusual activity attached to your name – like unexplained queries or an extra mortgage. You can get further info on identity theft from
  6. For our American readers here are links to the credit reference agencies in your country – Equifax, Experian and TransUnion

If you’re thinking about removing your card details from other services like Xbox Live, check out our step-by-step guide here: How To Remove Your Credit Card Details from Xbox Live – ONLINE!. Xbox servers haven’t been compromised (hope I haven’t jinxed anything by saying that) but I appreciate that some of you may want to play it safe.

All the best. Hope this breach doesn’t cause you too much hassle.

What are the banks saying?

Banks are well aware of the situation so if you do call them, there’s no need to explain the whole thing. Just mention the PlayStation hacking.

I called Barclays fraud line and was given two options. When pressed, they refused to comment on the relative security of either option, or talk about the risk of identity theft and emphasised that the choice is up to me.

  1. I can ask for a replacement card, which will invalidate any payments on attempted on my current card. The new one will arrive within 2 working days.
  2. I can stick with my current card and monitor my statements. If I notice any fraudulent transactions and reports them, I will receive a refund within 5 working days.

According to Twitter reports, Ulster bank are recommending you cancel your card and Lloyds are saying that there’s no need to cancel.

Halifax has a verified Twitter account that agrees that there’s no need to cancel cards and go on to advise customers to change any passwords that were shared with PSN.