photo credit: hyku
After days of downtime for the Playstation Network, Sony have finally admitted that customer data, possibly including credit card details, may have been leaked:
While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
Sony is recommending that  all PSN users stay on the lookout for scams, check account statements and monitor credit reports:
For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.
To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports.
Whilst some of this is good advice, can you spot the big problem there? You can only change your password once they’ve managed to get the network back online.
While they say no credit card information has been taken, people who use the same password for multiple online services should be especially vigilant. Using the same password/email combination on PSN and PayPal for example…