New York Times
April 29, 2011
Security researchers said Thursday that they had seen discussions on underground Internet forums indicating that the hackers who infiltrated the Sony PlayStation Network last week may have made off with the credit card numbers of Sony customers.
The comments indicated that the hackers had a database that included customer names, addresses, usernames, passwords and as many as 2.2 million credit card numbers, the researchers said.
Kevin Stevens, senior threat researcher at the security firm Trend Micro, said he had seen talk of the database on several hacker forums, including indications that the Sony hackers were hoping to sell the credit card list for upwards of $100,000. Mr. Stevens said one forum member told him the hackers had even offered to sell the data back to Sony but did not receive a response from the company.