Sony Hackers Claim to Have Credit Cards

Hackers may have as many as 2.2 million credit card numbers stolen from Sony PlayStation Network users, contempt reassurances from Sony that its course credit wag database was encrypted.

Kevin Stanley Smith Stevens, senior threat research worker for Style Micro, recently same happening Twitter that hackers claiming to have the credit card numbers are nerve-racking to sell the database through online black market forums. The thieves also claim to have the wag verification value (CVV) security codes for the taken plastic. CVVs are typically trey-digit numbers found on the back of nigh credit cards. Stevens was not competent to view the database to verify the hackers' claims.

Sony recently said it had no evidence that PSN users' credit card Numbers were stolen during a new intrusion into the company's servers. The company besides said the data was encrypted, making it much harder for anyone to turn the credit card data into usable information even if IT was stolen.

Data for Ransom money?

But that may not beryllium the case if the hackers' claims spell out to be sincere. Stevens fresh told The New York Times the bad guys are trying to sell the list for more than $100,000. The hackers too claim they tried to deal the information back to Sony, but so long the company has non confirmed this.

Security consultant with iSEC Partners Matthew Solnik also told the Times that hackers might consume made it into the company's main database. From there, they could have accessed an unencrypted version of the accredit card selective information, accordant to Solnik. All the same, Sony has non in public detailed how its database encoding whole shebang so it's unclear if that was possible.

At the moment, the hackers' claims are unverified, so it's hard to know what to make of them. Some PSN users take they're seeing fraudulent charges on their cards. But considering the PSN trespass affects more

than 70 million people, it's unclear if the rogue charges are flat incidental to to the PSN breakout-in.

Nevertheless, PSN users would be well advised to keep an eye on their quotation card accounts, and may straight want to consider canceling the card used for the PSN services; credit card companies should be willing to come forth a permutation under the circumstances.

[Check out PCWorld's guide to surviving the PSN breach for more security tips.]

Sony's PSN and Qriocity music military service stimulate been down for nearly ten days following the breach, and the fellowship freshly said it is considering compensating users for the service disruption.

The accompany took the two services offline on April 20 and is working to reconstruct its meshing with beefed up security measures before reopening PSN and Qriocity to users.

Another 'Game' Breached

Sony isn't the only company that needs to rethink its online security system practices. On Monday, a customer service congressman for the New York Yankees accidentally emailed the personal details of nearly 18,000 commutation ticket holders to a newsletter mailing list.

Join with Ian Paul (@ianpaul) and Today@PCWorld on Chitter for the a la mode technical school news program and analysis.