Sony: 'No Truth' To PSN Credit Card Sales Rumor, Passwords Were Protected

Sony has come out to debunk a number of rumors surrounding the information obtained in a recent PSN intrusion that has shut down the online network and put millions of PSN users' personal data at risk. In a message on the European and U.S. PlayStation blogs, the company stated there is "no truth" to reports that a hacker is offering to sell millions of credit card numbers obtained from PSN, or that Sony was offered the chance to purchase those numbers back for itself. Last week, the company clarified that it stored credit card data in an encrypted format, and without necessary security code data. Though Sony says there was no evidence this credit card data had been compromised along with other PSN user information, the company said it "can not rule out the possibility," and has recommended users protect their credit card information out of "an abundance of caution." Sony also said, "While the passwords that were stored were not 'encrypted,' they were transformed using a cryptographic hash function," and not stored in plain text format. That makes it potentially difficult for hackers to gain functional use of those passwords for PSN or other user accounts, but it's not as secure a measure as encryption. At a Japanese press conference over the weekend, Sony said it hoped to have PSN back up sometime this week, and was considering covering costs for reissued credit cards incurred by users. The company also said it plans to users a free month of access to the PlayStation Plus service to make up for the inconvenience caused by the network outage.