psn_logo_0


After days of agonizing silence, Sony finally came clean Tuesday and revealed that a hacker had infiltrated its PlayStation Network online service and stolen customer data, including personal information that could be used for identity theft. More alarming, perhaps, is that Sony doesn't know whether credit card numbers and expiration dates were taken too, but left open that possibility.

"We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised," the company wrote in a letter to customers. "We believe that an unauthorized person has obtained [a wide range of personal] information that you provided. It is also possible that your profile data, including purchase history and billing address, and your PlayStation Network/Qriocity password security answers may have been obtained.

"If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained," the letter continues.

Yikes!

That's a startling admission from Sony, but more startling still are the actions the company is now taking: It is leaving the PlayStation Network—which serves more than 42 million PlayStation 3 (PS3)-based video game players—and the related Qriocity music and video streaming service offline so that it can "rebuild" the systems after a thorough investigation from an outside security firm. Yes, it's that serious.

Sony's PlayStation Network first went down for the count last week, on April 20, and users quickly began complaining when the service didn't come back online after days of silence from the company. Original reports suggested that the service was suffering from a distributed denial of service (DDoS) attack, but Sony's public statements attribute the problem to a single individual.

As of Wednesday morning, there's still no sign that the PlayStation Network will be online again anytime soon, so of course users who are now eager to change their logon information are waiting for that reason as well. But if the company's letter is accurate, Sony could very well need to re-architect the service from scratch, which could take quite a while.

Generally speaking, there's no love lost between PlayStation 3 and Xbox 360 gamers, and few fans of the consoles would ever consider jumping ship to the other. This outage, however, could be serious enough to tilt some PlayStation 3 gamers toward Microsoft's Xbox 360 and Xbox LIVE gaming service.

For its part, Microsoft this week claimed that everything was "business as usual" on its side of the fence and issued a "no comment" in response to questions about the PlayStation Network hack. But Xbox LIVE—which serves more than 30 million users, according to Microsoft—isn't exactly bug-free either: The software giant was forced to issue its own service alert for Xbox LIVE on Tuesday that warns of "potential phishing attempts" via the popular game Call of Duty: Modern Warfare 2.

Modern warfare, indeed.