According to unverified reports, hackers have stolen about 2.2 million credit cards from Sony's PlayStation Network.
Despite Sony's claim that the database of PlayStation credit card information was encrypted, security researchers say they've seen forum discussions where the hackers brag about having PlayStation credit card numbers in their possession, and are threatening to sell the information for up to $100,000, the New York Times reports.
Sony is saying the credit cards were encrypted, but we are hearing that the hackers made it into the main database, which would have given them access to everything, including credit card numbers.
Supposedly the hackers selling the DB says it has: fname, lnam, address, zip, country, phone, email, password, dob, ccnum, CVV2, exp date.
As expected, PSN users have taken to online communities to report fraudulent charges on their linked credit card accounts.
"Just got called by my credit card company, been charged 2 grand for some Paypal account in China...nice one Sony. At least I get it back #PSN," one user tweeted.
Sony has previously claimed that there is no evidence that credit card data was stolen, but that it couldn’t rule out the possibility. “If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained,” the company warned in blog post on Tuesday.
Hacker group Anonymous was originally suspected of causing the disruption as it had previously vowed retribution against the Japanese electronics giant after it took legal action two hackers.A security expert with
TrendMicro says that criminals using online forums are offering to sell a database of 2.2 million credit card numbers taken during the PlayStation Network breach.