That's a lot of people not getting it.

I think the article is saying that, your cc# is being sent unencrypted.

And the CFW was a tool used to see what info is being sent.

What it means is that, people can sniff that plain text regardless of you using cfw or not.

cfw, in this case, was a simple tool used to see what's going on behind that should be encrypted.

Article is kind of confusing, too. They need better writers.

No read it carefully and if you know the basics about computer security you would understand that the packets ARE being encrtpyed via SSL over http (aka https). This is the same level of security that 360, Wii, Online Banking and most online retailers use. 

 As for the custom firmware part - that refers to custom firmware being created with the aim of stealing your credit card information by having you install there custom firmware and then connect to a server run by the custom firmware author, the author will likely also have the custom firmware trust a custom certficate create by the hacker - thus allowing the hacker to recieve your credit card information (provivded you re-enter it into the PS3, probably on a custom page created specifically for this purpose). 

 As for why the article is poorly written -- i would say that the person who wrote the article is either a teenager upset that he cannot pirate games mommy and daddy won't buy for him anymore or someone with english as a second language. Both possbilites though seem to imply the person has minimal knowledge of how IT security works or is trolling.

No, what is really going to cause the PSN to grind to a halt? OK, the general internet completely will basically stop since so many companies have failed from what I can tell from reports. The end of IPv4 since most ISPs have failed to transition to IPv6.

So you're saying there's not a first time for everything then?

I'm not saying everyone should be super paranoid.  Keep your PS3 clean and you'll probably fine, but sticking your fingers in your ear and yelling NANANANANANANANANANANANANANANANEVER BEEN HACKEDANANANANANANANANANANANANA isn't a good idea either.

The second theres a case of it happening I'll believe but I won't believe some hacker bragging because it's just bs, people lie 

Why is that you do not trust HTTPS from PS3, but you trust it with the same CA for 360 and Wii? It is also likely that SONY uses a CA like Verisign which is a common choice among high profile companies and banks. I know that HTTPS isn't perfect but can you imagine the chaos if SONY tried to get PS3 users to use IPsec... (which is nightmare to setup outside of point to point connections)

And that's fine, I'm just saying because it has never happened before isn't a good reason to say something can't happen.

Honestly, if you don't have custom firmware on your PS3 I don't think you have anything to worry about but that doesn't mean I'm too close-minded to think something could never happen.