I have recieved an email from sony today in the afternoon regarding PSN. Its pretty much the same info from the official ps site.  Also, according to a news article that I just read, the average time it takes for a company to find an unauthorized access is six months-plus.

Speak of the devil. I just got an email from Sony. Here's part of it:

"For your security, we encourage you to be especially aware of email,
telephone and postal mail scams that ask for personal or sensitive
information. Sony will not contact you in any way, including by email,
asking for your credit card number, social security number or other
personally identifiable information. If you are asked for this information,
you can be confident Sony is not the entity asking. When the PlayStation
Network and Qriocity services are fully restored, we strongly recommend that
you log on and change your password. Additionally, if you use your PlayStation
Network or Qriocity user name or password for other unrelated services or
accounts, we strongly recommend that you change them as well.

To protect against possible identity theft or other financial loss, we
encourage you to remain vigilant, to review your account statements and
to monitor your credit reports. We are providing the following information
for those who wish to consider it."

yup i found about this today... when i got home... reallly pissed about this tbh. Dont like my private details being out for the taking

Valued PlayStation(R)Network/Qriocity Customer:

We have discovered that between April 17 and April 19, 2011,
certain PlayStation Network and Qriocity service user account
information was compromised in connection with an illegal and
unauthorized intrusion into our network. In response to this
intrusion, we have:

1) Temporarily turned off PlayStation Network and Qriocity services;

2) Engaged an outside, recognized security firm to conduct a full
and complete investigation into what happened; and

3) Quickly taken steps to enhance security and strengthen our
network infrastructure by rebuilding our system to provide you
with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill
as we do whatever it takes to resolve these issues as quickly and
efficiently as practicable.

Although we are still investigating the details of this incident,
we believe that an unauthorized person has obtained the following
information that you provided: name, address (city, state, zip), country,
email address, birthdate, PlayStation Network/Qriocity password and login,
and handle/PSN online ID. It is also possible that your profile data,
including purchase history and billing address (city, state, zip),
and your PlayStation Network/Qriocity password security answers may
have been obtained. If you have authorized a sub-account for your
dependent, the same data with respect to your dependent may have
been obtained. While there is no evidence at this time that credit
card data was taken, we cannot rule out the possibility. If you have
provided your credit card data through PlayStation Network or Qriocity,
out of an abundance of caution we are advising you that your credit
card number (excluding security code) and expiration date may have
been obtained.

For your security, we encourage you to be especially aware of email,
telephone and postal mail scams that ask for personal or sensitive
information. Sony will not contact you in any way, including by email,
asking for your credit card number, social security number or other
personally identifiable information. If you are asked for this information,
you can be confident Sony is not the entity asking. When the PlayStation
Network and Qriocity services are fully restored, we strongly recommend that
you log on and change your password. Additionally, if you use your PlayStation
Network or Qriocity user name or password for other unrelated services or
accounts, we strongly recommend that you change them as well.

To protect against possible identity theft or other financial loss, we
encourage you to remain vigilant, to review your account statements and
to monitor your credit reports. We are providing the following information
for those who wish to consider it:   
- U.S. residents are entitled under U.S. law to one free credit report annually
from each of the three major credit bureaus. To order your free credit report,
visit www.annualcreditreport.com or call toll-free (877) 322-8228.

- We have also provided names and contact information for the three major U.S.
credit bureaus below.  At no charge, U.S. residents can have these credit bureaus
place a "fraud alert" on your file that alerts creditors to take additional steps
to verify your identity prior to granting credit in your name. This service can
make it more difficult for someone to get credit in your name. Note, however,
that because it tells creditors to follow certain procedures to protect you,
it also may delay your ability to obtain credit while the agency verifies your
identity.  As soon as one credit bureau confirms your fraud alert, the others
are notified to place fraud alerts on your file. Should you wish to place a
fraud alert, or should you have any questions regarding your credit report,
please contact any one of the agencies listed below:

Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division,
P.O. Box 6790, Fullerton, CA 92834-6790

- You may wish to visit the website of the U.S. Federal Trade Commission at
www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania
Avenue, NW, Washington, DC 20580 for further information about how to protect
yourself from identity theft. Your state Attorney General may also have advice
on preventing identity theft, and you should report instances of known or
suspected identity theft to law enforcement, your State Attorney General,
and the FTC. For North Carolina residents, the Attorney General can be
contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone
(877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney
General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202;
telephone: (888) 743-0023; or www.oag.state.md.us.

We thank you for your patience as we complete our investigation of this
incident, and we regret any inconvenience. Our teams are working around the
clock on this, and services will be restored as soon as possible. Sony takes
information protection very seriously and will continue to work to ensure that
additional measures are taken to protect personally identifiable information.
Providing quality and secure entertainment services to our customers is
our utmost priority. Please contact us at 1-800-345-7669 should you have any
additional questions.

Sincerely,

Sony Computer Entertainment and Sony Network Entertainment

Same here.

I still haven't received anything, and that's across 4 regions accounts.

Then again I care about it only on principle, since I don't buy PSN stuff very often, all my personal info is made up and I use PSN cards when needed.

Annoyed? Yes.

Outraged? I'm not even going to pretend to fake like I am.

Everyone who knows anything should realize the security of your account is more at risk when you hand a waiter or anyone your CC to pay for a bill out of your line of sight. Or when you use your debit/ATM card to pay at the pump, etc. etc.

This is just the world we live in. It was less than two months ago that there was another major breach in security regarding customer billing information. E-mails were sent; I know because I got them from multiple services that used the billing services of the firm that was compromised.

I'll reserve my outrage for when some rock stupid individual actually tries to use that information, because like all electronic billing data, these things are pretty easy to track, triangulate and pinpoint when accessed.

I'm not too fussed. My PSN password is unique to PSN and I can monitor my credit card transactions daily via the interwebs. If there's any transaction which wasn't made by me it'll be less than 24 hrs before I find it and get on the blower to my credit card company.

It's been all over the mainstream media over the last day, so if anyone doesn't know about it they've had their head up their arse.

I haven't received an e-mail from Sony, but until someone suggested I should have I never really considered that I should be expecting one.

I think their media strategy could have been a lot better for sure, and they really shouldn't have used playstation blog as their main means of trying to communicate. They should have released information directly to gaming media sites.

I'm just glad the internet browser on the PS3 still works. Been watching a few TV shows over the interwebs and I much prefer doing it on my TV than on my computer monitor.

I got my Email 10:30pm last night, AFTER I read about it from a site, and 2 hours after I posted the below in another thread.

Here is what I posted in another thread:

___________________________________

sega4life said:

This is a huge F-Up on Sony's part, they waited to long to inform people, the knew DAY ONE what happened.

It's their system, their data, they know when something is breached or not.

Them letting me know over a week later, and not in an Email, but on their Blog, and that I found out on a Arstechnica, is really lame.

I see people actually talking about this as if it's not a big deal, WTF?????, obviously you don't have a credit card and your not worried because mom and dad bought your items.  Identy Theft is no f'en Joke, your whole life can be turned upside down, and I'm not talking about spam mail.

Sony dropped the ball for waiting so long, and still holding back on more info to please their stockholders.

Heres Destructoids take on the matter....

Sony PSN failure attracts mainstream news, angry senators

#FAIL #PS3 #PSN #Sony

Now that Sony has dropped its trousers and admitted that hackers may have access to the personal info of countless PlayStation Network users, the bad PR has snowballed like crazy. The news has gone mainstream, with FOX News and CNBC both jumping on the story. Meanwhile, CNN.com has the story on the frontpage.

Lovely!

More interestingly, Connecticut Senator Richard Blumenthal is furious with Sony, and has written to Jack Tretton demanding to know why consumers were not fully informed of the details surrounding the PSN's downtime. 

"Although the breach occurred nearly a week ago," wrote Blumenthal, "Sony has not notified customers of the intrusion, or provided information that is vital to allowing individuals to protect themselves from identity theft, such as informing users whether their personal or financial information may have been compromised."

Meanwhile, the more idiotic Sony fans on Twitter and Facebook are defending the company, acting like this situation has been -- in any way -- acceptable.

Frankly, I think the senator makes a better argument than "Hey gaybox losers get the fuck out,,, this does not concern ya." You can read the rather more eloquent politician's statement below ...

April 26, 2011

Mr. Jack Tretton

President and CEO

Sony Computer Entertainment America

919 East Hillsdale Boulevard

Foster City, CA USA 94404

Dear Mr. Tretton:

I am writing regarding a recent data breach of Sony's PlayStation Network service. I am troubled by the failure of Sony to immediately notify affected customers of the breach and to extend adequate financial data security protections.

It has been reported that on April 20, 2011, Sony's PlayStation Network suffered an "external intrusion" and was subsequently disabled. News reports estimate that 50 million to 75 million consumers – many of them children – access the PlayStation Network for video and entertainment. I understand that the PlayStation Network allows users to store credit card information online to facilitate the purchasing of content such as games and movies through the PlayStation Network. A breach of such a widely used service immediately raises concerns of data privacy, identity theft, and other misuse of sensitive personal and financial data, such as names, email addresses, and credit and debit card information.

When a data breach occurs, it is essential that customers be immediately notified about whether and to what extent their personal and financial information has been compromised. Additionally, PlayStation Network users should be provided with financial data security services, including free access to credit reporting services, for two years, the costs of which should be borne by Sony. Affected individuals should also be provided with sufficient insurance to protect them from the possible financial consequences of identity theft.

I am concerned that PlayStation Network users' personal and financial information may have been inappropriately accessed by a third party. Compounding this concern is the troubling lack of notification from Sony about the nature of the data breach. Although the breach occurred nearly a week ago, Sony has not notified customers of the intrusion, or provided information that is vital to allowing individuals to protect themselves from identity theft, such as informing users whether their personal or financial information may have been compromised. Nor has Sony specified how it intends to protect these consumers.

PlayStation Network users deserve more complete information on the data breach, as well as the assurance that their personal and financial information will be securely maintained. I appreciate your prompt response on this important issue.

Sincerely,

/s/

Richard Blumenthal

United States Senate