PlayStation Network Security Update – Credit Cards Numbers Not Encrypted
Sony made another post on the PlayStation blog today saying to remain calm about the credit card information that was stolen. They company also denied that a group tried to sell millions of credit card numbers back to Sony. The company also admitted that the passwords that were stored were not encrypted, but they were transformed using a cryptographic hash function.
While the passwords that were stored were not encrypted, they were transformed using a cryptographic hash function. There is a difference between these two types of security measures which is why we said the passwords had not been encrypted. But I want to be very clear that the passwords were not stored in our database in cleartext form. For a description of the difference between encryption and hashing, follow this link.
Comments are closed.