A T-shirt to celebrate Sony's lack of concern both their customer's information, as well as actually keeping their service up.

Some of you with games containing some of the more obnoxious DRM (on a freaking console, even!) which you can't even play by now might have the shirt in-hand before your shiny game disc can release it's elfin magic once more.

It Only Does 80710A06.

Q: Was my personal data encrypted?

A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.

I hope I'm not reading too much into this, but it seems to imply the personal data tables were more protected than the credit card numbers. Could it be that PCI regulations are actually that much less strict than the rules concerning how you store the PII of children? Was that the fundamental problem here--that PCI regulations actually don't have stiff enough penalties to serve as a sufficient deterrence against corporate jackassery?

Q: Was my credit card data taken?

A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system.
Either way, with 24 hours to go, I really don't think Sony's going to be able to explain their way out of this one.

This is just silliness. Anyone who has made a purchase through PSN has forked over the CVV from the back of their credit card, or the transaction wouldn't have cleared. Whether or not they were actually storing it ("to facilitate greater ease of purchasing") when they're explicitly forbidden from doing so I suppose to comes down to whether or not one believes in their veracity.

Being that a) Sony is a corporation which has neither a soul nor morals that can and will lie/cheat/steal so long as the quarterly statements have larger numbers and b) they're already lying to us in that very same paragraph... I ain't buyin' it.

More evasiveness about the PSN breach from Sony

So, Sony's PlayStation Network has been down more or less without explanation for five days, and now I get an email from Sony containing the following things:

Although we are still investigating the details of this incident,
we believe that an unauthorized person has obtained the following
information that you provided: name, address (city, state, zip), country,
email address, birthdate, PlayStation Network/Qriocity password and login,
and handle/PSN online ID. It is also possible that your profile data,
including purchase history and billing address (city, state, zip),
and your PlayStation Network/Qriocity password security answers may
have been obtained. If you have authorized a sub-account for your
dependent, the same data with respect to your dependent may have
been obtained. While there is no evidence at this time that credit
card data was taken, we cannot rule out the possibility. If you have
provided your credit card data through PlayStation Network or Qriocity,
out of an abundance of caution we are advising you that your credit
card number (excluding security code) and expiration date may have
been obtained.

Wait... what? Let's focus on something in there:

While there is no evidence at this time that credit
card data was taken, we cannot rule out the possibility.

Translated into more practical and less asinine terms that says:

"We've been merrily ignoring PCI guidelines and keeping your credit card information in plaintext where anyone could get at it through a simple compromise of our gaming network."

Words absolutely fail me on how incredibly wrong that is.

As much as I despise Microsoft and everything they stand for, I'm giving Sony exactly 48 hours to come up with an answer that involves taking responsibility for their actions, or I'm selling my PS3 and using the money to buy an XBox360 the copies of the games I was still playing on the PS3.

Finally and at last it's freaking out.

...and I suppose now we can all see what Sony did with their virtual-reality shopping mall, er, pardon me... "shared space".

Good luck logging in. Find me as 'evilDagmar' if you like.

PlayStation Home Open Beta