Home / / Sony squashes rumours of credit card detail sale

Sony squashes rumours of credit card detail sale

Communications chief says Sony has not been approached to buy back credit card information

Sony squashes rumours of credit card detail sale
Sony has released a statement saying they have not been approached to buy back credit card details from the hack that stole information from 77 million PlayStation and Qriocity users.

Following speculation that the hackers who stole Sony PlayStation users credit card details were trying to sell the information back to Sony, Sony PlayStation's Patrick Seybold, senior director, Corporate Communications & Social Media has stated that at no point to his knowledge has the company been offered the user's credit card details for purchase.

"We want to state this again given the increase in speculation about credit card information being used fraudulently. One report indicated that a group tried to sell millions of credit card numbers back to Sony. To my knowledge there is no truth to this report of a list, or that Sony was offered an opportunity to purchase the list," he said in the latest blog post on the official PlayStation Network blog.

Sony PlayStation recently held a press conference at its headquarters in Tokyo, Japan where top executives apologised for the data breach. During the press conference the executives said that stored Sony PlayStation passwords were not encrypted.

Seybold clarified this in his blog post saying that while it is true that the passwords were not encrypted that were transformed using a cryptographic hash function.

"While the passwords that were stored were not encrypted, they were transformed using a cryptographic hash function. There is a difference between these two types of security measures which is why we said the passwords had not been encrypted. But I want to be very clear that the passwords were not stored in our database in clear text form," he said.

Encryption describes the process of converting information from its normal clear text form into a form unreadable without special knowledge, while a hash is a special form of encryption often used for sensitive data such as passwords that uses a one-way algorithm, which when given a variable length message, will provide a unique fixed-length output or hash.

Despite the reassurances by Sony that the PlayStation Network will be back up soon, PlayStation Network users are clamouring for a fixed date with many posting comments on the blog demanding to know when they can begin accessing the online services again.

"Where is PSN?!! And when will it come back?!! Is it still set for tomorrow May 3rd?!! Whats going on Patrick! You always lie and change the dates from ‘2 days to within this week' ... This post makes it sound like it is not going to happen!!" read one comment.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.