Sony recently admitted that the personal information of 77 million of its customers, 3 million of them Britons, is now in the hands of hackers. That’s the same as unofficial estimates of the UK’s population. Justin Schamotta is a senior staff writer for Choose.net, looks into the implications of one the biggest data heists in history…
While the theft of these personal details is undoubtedly a pain in the Mario, whether the swiped information includes credit card details is in some doubt.
“To be on the safe side,” Sony say, “we are advising that your credit card number (excluding security code) and expiration date may also have been obtained.”
If card details have been stolen then the hack will rate as one of the largest ever thefts of financial data but will it be enough to dent consumer confidence online? And how risky is it anyway?
Sony and many online security experts seem united in their warning to potentially affected gamers: just keep an eye on credit card statements for signs of fraudulent activity and be ready for an onslaught of scammers seeking their nefarious riches via email, telephone and postal scams.
The message is: tedious, yes, but hardly majorly worrying.
And, in general, consumers do have good protection against fraud.
The Financial Fraud Action (FFA) group, which represents card firms, has a standard procedure that it implements when sites holding our card details are hacked.
The hacked company passes all the details of the potentially stolen card numbers to the FFA which then distributes them to building societies and banks. In theory, banks should then cancel any affected cards.
UK credit card providers are all signed up to the Lending Code and the FSA’s ‘conduct of business’ guidelines which mean that, as long as they’re not at fault, consumers cannot be liable for more than £50 of financial losses they suffer as a result of fraud.
Even the £50 will be waived by most providers, particularly by those that specifically advertise a ‘fraud guarantee’.
That’s all well and good but the massive stash of PSN data will give criminals enough information to commit really effective CNP activity such as application fraud.
That could lead to even more stress for consumers, chased or penalised by financial institutions for debts they didn’t rack up.
The fact is, most of us don’t think twice about handing over our card details to any large brand with an ostensibly secure site.
Sharing is all well and good when you’re 5 years old, but maybe consumers will decide to restrict their, currently pretty gung-ho attitude, to entering our card details online.
The patience of card holders is not infinite. It only remains to be seen whether this round of hacking or the next will see them begin to restrict their online activity and that could spell plummeting profits for online retailers.
This is a guest post from Choose. The site covers rights issues, research and debate into the consumer credit card and more broadly personal finance markets.