The massive hack of Sony's PlayStation Network in late April compromised the personal information of more than 100 million users, leaving them vulnerable to identity theft. The theft targeted members of the PlayStation Network, which connects users of the video game to each other, Sony and other companies, as well as Qriocty, Sony's media-streaming service, both of which were subsequently shut down.
In a letter to a congressional subcommittee demanding answers about the data debacle, Sony said hackers stole the names, birth dates, addresses, email addresses, PlayStation Network/Qriocty (Sony's media-streaming service) passwords and logins, and PlayStation Network IDs from some 77 million customers.
That number was subsequently revised upwards to some 100 million accounts, more than 12 million of which contained unencrypted credit card numbers.
While Sony first detected the beach of its systems on April 19, the company waited until April 25 to inform its furious customer base. An apologetic May 5th letter from CEO Howard Stinger on the PlayStation blog offered each customer identity theft insurance for one year.
But many question the value of identity theft insurance, which doesn't always work. Fortunately, insurance is not your only option -- there are steps potential victims can take to protect themselves against the risk of identity theft.
OnGuardOnline.gov, a government site dedicated to protecting consumers online, offers the following tips to PlayStation customers to help reduce the risks of identity theft:
If you used your PlayStation login ID or password for other accounts, change them immediately. Identity thieves typically try IDs and passwords on different systems to hack multiple consumer accounts. Make sure you're not using identical logins and passwords for multiple accounts containing any personal or financial information. Also, since hackers may have stolen security questions and answers from Sony, use different questions for other accounts.
Be extra vigilant about phishing scams. Once hackers have your personal information, you're a ripe target for spear phishing, personalized emails designed to trick you into revealing your credit card number, Social Security number and other sensitive information. If you get any emails from PlayStation, Sony or another gaming company asking for any personal information, don't provide it.
Monitor your financial accounts and billing statements. If you can't remember which credit card you used for your PlayStation account, check your email account for messages about billing from "DoNotReply@ac.playstation.net." If you see charges you don't recognize, get in touch with your bank or credit card company's fraud department immediately.
Check your credit report. This report contains information about your accounts and your bill payment history, and federal law requires the major nationwide consumer reporting companies -- Equifax, Experian and TransUnion -- to provide you with a free copy of your credit report every 12 months upon request. Visit www.AnnualCreditReport.com or call (877) 322-8228 to order your free copies. If you see inaccurate information or accounts you don't recognize, contact the credit reporting company. To find out how to correct errors on your credit report, visit www.ftc.gov/idtheft.