Source: G4

According to Patrick Seybold an "unauthorized person" has obtained PSN Users' personal information, including name, address, password, and possibly credit card data as well.

Below is Sony's statement.

Valued PlayStation Network/Qriocity Customer:
We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:

1. Temporarily turned off PlayStation Network and Qriocity services;
2. Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
3. Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

 

The full statement can be read here.

 

This may answer some question you may have. Some answers Sony has given.

PSN/Qriocity Network Outage FAQs

1. When did the PSN/Qriocity become unavailable?
PSN/Qriocity services have not been available since April 20 (US time) in all regions.

2. Why did the PSN/Qriocity become unavailable?
An external intrusion on our system has affected our PlayStation Network and Qriocity services.

3. Why was Sony not prepared for a compromise of its network?
We are currently conducting a thorough investigation of the situation. Since this is an overall security related issue, we cannot comment further at this time.

4. Is the attack by “Anonymous” or another party?
We are currently conducting a thorough investigation of the situation. Since this is an overall security related issue, we cannot comment further at this time.

5. Why is it taking so long to restore network services?
As soon as we learned of this issue, we temporarily turned off PlayStation Network and Qriocity services in order to conduct a thorough investigation and to verify the smooth and secure operation of our network services. Our efforts to resolve this matter involve re-building our system to further strengthen our network infrastructure. Though this task is time-consuming, we decided it was worth the time necessary to provide the system with additional security.

6. How serious is this compromise? How will Sony prevent this from happening again?
Because there is an on-going investigation we cannot comment further at this time, but we are working to restore and maintain and strengthen the services, including incorporating additional countermeasures to ward against future intrusions.

7. When will service be restored?
We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week.

 We will keep the service down to allow us to conduct a thorough investigation to ensure smooth operation of our network services when they return; we are working hard to resume the services as soon as we can be reasonably assured our security concerns have been addressed.

8. Did SOE experience an attack due to the same reason?
SOE’s services are currently available, but they did experience a service interruption due to an external attack. An investigation is ongoing.

9. Have you had such a long PSN/Qriocity service termination like this one in the past?
No.

10. Does PSN/Qriocity get attacked very often?
We cannot make any comments regarding this matter at this time.

11. I want my money back (subscription fee, content) since the PSN/Qriocity was not available.
While we are still assessing the impact of this incident, we recognize that this may have had financial impact on our loyal customers. We are currently reviewing options and will update you when the service is restored.

12. There seems to be some games that cannot be played even offline?
Some games may require access to PSN for trophy sync, security checks or other network functionality and therefore cannot be played offline.

13. Why are Sony Online Entertainment services available while PSN and Qriocity are still down and you (SCE/Sony) are not able to even tell us when it will come back again?
As our investigation in this matter is ongoing, we cannot comment further on this matter.

14. What personally identifying information do you suspect has been compromised?
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information provided by PlayStation Network/Qriocity account holders: name, address (city, state, zip), country, email address, birth date, PlayStation Network/Qriocity password, login, and handle/PSN online ID. Other profile data may also have been obtained, including purchase history and billing address (city, state, zip). If an account holder has authorized a sub-account for a dependent, the same data with respect to that dependent may have been obtained. If an account holder provided credit card data through PlayStation Network or Qriocity, it is possible that the credit card number (excluding security code) and expiration date may also have been obtained.

15. How will I know if my personal information has been compromised?
We have provided notices to consumers at the email addresses associated with their PlayStation Network/Qriocity accounts. You may also visit www.us.playstation.com/support and www.qriocity.com for notices regarding this issue. In addition, we have taken steps to disseminate information regarding this issue to media outlets so that consumers are informed. To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your credit card account statements and to monitor your credit reports.

16. What steps have you taken to investigate this compromise?
We have engaged an outside, recognized security firm to investigate this incident and to assist us in our ongoing efforts to protect your personally identifiable information.

17. I got an email from you asking for my PSN/Qriocity sign-in ID and password. Is it really you asking for this information?
Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.

18. What should I do to avoid having my personal information compromised?
For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other