Senior researchers have said they have seen hacker forum discussions suggesting the PlayStation Network attackers may have managed to take 2.2m credit card numbers.
According to The New York Times, Kevin Stevens, senior threat researcher at Trend Micro, said he saw discussions on numerous hacker forums indicating these PSN and Qriocity hackers wanted to sell this list for US$100,000 and up.
Stevens said they were even trying to sell this database back to Sony, but did not get a response.
The report said that while several other researchers confirmed these discussions, it was impossible to find out if they really did have this database.
In response to these claims, Patrick Seybold, senior director of corporate communications and social media, said there was “no truth” to the claim Sony was offered the credit card database.
Sony previously stated that while the credit card information was encrypted within its system and there was no evidence found that any data was taken, it “cannot rule out the possibility.”
Reports from Mashable say that screenshots were posted from these hacker forums describing the alleged format of this credit card database. While Sony said only credit card numbers and expiration dates were obtained, the posts said card security codes were included.
While none of this can be verified yet, it is a cause of concern for many PlayStation owners. We should find out more as Sony’s investigation – which the company is working on with a technology security firm and law enforcement – continues.