Banks are seeking to reassure their customers after it emerged this week that 3m Sony customers in the UK may have fallen victim to a huge data breach.
Hackers are believed to have stolen personal information from customers of Sony’s PlayStation Network, Sony Online Entertainment and Qriocity film, which are used by customers to purchase films and play online games. More than 100m people worldwide could be affected.
Credit card details, along with names, addresses, e-mails, dates of birth and phone numbers may have been exposed.
Sony, which revealed the full extent of the attack this week, said there was no
evidence so far that the
information had been used illegally.
However, there has been confusion over what action customers should take, with one customer claiming his bank had told him to cancel his credit card. Lloyds, the bank in question, said this was not the advice it should have given and it did
not plan to cancel cards until it had been provided with more information
Sandra Quinn at the UK Payments Administration said that UK bank customers who have an account with Sony did not need to do anything at present.
“Once Sony has worked out what is lost, it will advise us and we will advise the banks. The banks can then decide whether to reissue cards or flag accounts in potential danger,” she said.
Banks said they were waiting for more information from Sony before deciding how to react.
Barclays said it was not proactively replacing customers’ cards nor advising customers to cancel their cards. If customers were concerned, it said it would check their accounts for unusual activity and flag accounts at risk.
The cost of fraud to the UK is more than £38bn each year. Customers who spot unusual activity on their credit or debit card should contact their providers immediately. But banks say that the strength of their fraud detection software means they often spot irregularities before the customer does.
HSBC said customers should be reassured that unless they were contacted regarding suspicious transactions, there was no need to worry.
Victims of fraud should take immediate action by changing online passwords, particularly if they use a simple password or the same one for different accounts. Consecutive numbers, and the word “password” are among the most commonly used security codes and are easily guessed by hackers.
All UK banking customers are protected by the Payments Services Regulations and there is no cap
on the compensation that can be paid out in the case of fraud.
The National Fraud Authority says that a leading potential source of fraud is identity theft, whereby thieves use personal information to set up lines of credit in a victim’s name. This can ruin the victim’s credit score and prevent them from taking out mortgages or credit cards in the future.
The National Fraud Authority recommends that all consumers carry out a credit check each year with one of the three UK agencies: Experian, Equifax and Call Credit. There are also subscription services that monitor accounts and alert the holder of any suspicious activities.
It you are a victim of fraud you can also report the details to Action Fraud, which will add the incident to its crime database, which is used to track activity.
Sony has apologised to its customers and has offered to pay for identity theft