Whether you're a PSN (Playstation Network) user or not, you'll have heard of the big issue that's surrounding the news, forums, social networks, and the long standing platform of 'word of mouth', but what exactly is happening?
On Wednesday, 20 of April, 2011, the Playstation Network unexpectedly went down. Users who tried to login were presented with an '80710a06' error code. Shortly after, Sony replaced the error code with the "PlayStation Network is currently undergoing maintenance" — maintenance which Sony said would last a day or two. That wouldn't have been so bad, I mean, maintenance for a Network such as PSN means added usability for us — the users — and that's a good thing, right? Well, it turned out that the maintenance went a little deeper than Sony initially claimed.
Three days later, on 23 of April, Sony announced that the Playstation Network outage was due to "external intrusion", but did not release any additional information to assist the statement, or even a timetable as to when we could start using PSN again.
An external intrusion? That didn’t exactly go down well, and the fact that Sony's Public Relations didn't act sooner was even worse. Many PSN users were left uneasy as the lack of information from Sony's side regarding the matter, was somewhat disbelieving.
It wasn't until a whole week later, on 27 of April, that the scale of the security breach became apparent, when a statement on the Playstation Blog was released, it turned out that PSN and Qriocity users information had been compromised.
An unknown source had infiltrated the Playstation Network and stolen personal information from Playstation 3 and PSP users, including name, address, e-mail address, and login details for PSN and Qriocity. Although users' credit card data was encrypted, Sony claimed there was no evidence it was stolen, but that theft of the data could not be ruled out, which Sony answered on the Playstation Blog:
When asked "Was my credit card data taken", Sony publicly states:
While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system.
Following the statements made on the Playstation Blog, a later post on 28 of April, said that:
Our employees have been working day and night to restore operations as quickly as possible, and we expect to have some services up and running within a week from yesterday. However, we want to be very clear that we will only restore operations when we are confident that the network is secure.
Patrick Seybold (Sr. Director, Corporate Communications & Social Media) added in an update that the Playstation Network would be back up and running on 3 of May - two whole weeks after the malicious attack. Sony also stated that they "are working closely with a recognised technology security firm in order to find those responsible for this criminal act, no matter where in the world they might be located."