Sony has released the first Q&A for the PlayStation Network and Qriocity Services hack update and one of the top questions deals with how the company was storing our data on their network.
It turns out that Sony did keep credit card data on an encrypted table, but they didn’t take that extra step with any of our other personal data.
All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.
Hopefully with Sony’s new setup they opt for more than just a “sophisticated security system” to protect our personal data. As Grandpa used to say, “A little encryption never hurt nobody.”
Source: PlayStation Blog