TOKYO (Kyodo) — Sony Corp. said April 27 personal information of up to 77 million users of its PlayStation Network services around the world may have been leaked, calling on users to monitor credit reports on a regular basis.
Sony said it “cannot rule out the possibility” that credit card data were compromised as a result of the breach of the online network for PlayStation game players and the music and video service Qriocity, in what could be the worst-ever case of information leak involving a Japanese company.
Sony said, however, there is no evidence that credit card information has leaked at this time but urges users of PlayStation Network or Qriocity to change their names or passwords, saying there is a possibility of a similar breach in the security of their other digital accounts that can be accessed with the same names and passwords.
The company said it believes an unauthorized person obtained the personal information, including names, addresses, e-mail addresses, birthdates and passwords, by accessing the systems between April 17 and 19.
There are 77 million accounts for the services offered in about 60 countries, including the United States, as of March 20, according to the company. It is estimated the services have around 9 million users in Japan alone.
In its official Japanese PlayStation Network Website, Sony said, “We deeply apologize” for the data leak. Sony has temporarily shut down the network services since last week, has asked an outside security firm to conduct a full investigation into the incident and has quickly taken steps to enhance security and strengthen its network infrastructure, the company said.
Sony changed its PlayStation-related system in March 2008 due to the possibility that user passwords could be rewritten, but no damage had occurred then.