Following one of the largest hacking incidents in online gaming history, in May 2011 Sony has offered its members a full free year of identity theft protection, completely free of charge.
The message sent on May 28, 2011 to all Sony online account holders began with the message:
Sony Computer Entertainment and Sony Network Entertainment have made arrangements with Debix to offer AllClear ID PLUS to eligible PlayStationŽNetwork and Qriocity account holders in the United States who are concerned about identity theft.
Concerned about identity theft? Perhaps these members are concerned because they know that their full name and address, their birthdate, their passwords and challenge questions, and their credit card information and history has all fallen into the hands of hackers. This might give the average person cause to be slightly alarmed about their identity.
The message from Sony goes on to indicate:
Sony has arranged, at no charge to eligible PlayStationŽNetwork and Qriocity account holders, for twelve months of this service to be provided by Debix to those who choose to enroll. In order to be eligible, account holders must be residents of the United States with active accounts as of April 20, 2011.
This is a little more confusing. It was my understanding that all accounts were hacked. Are they only going to help US residents for a specific reason? Is it that they only have an arrangement with AllClear and their US branch to do this, and people who live outside the US are just out of luck? Did the people who live outside the US get a separate message which gave them a different offer? I am very curious about this restriction.
Of course, the April 20, 2011 date is very significant. That is the date of the hacking activity. But again, is this realistic? Let's say someone stopped playing on the Sony system on April 19, 2011. Did Sony really completely delete all of their records exactly on that date? Were those records therefore not available to the hackers? I would have to guess that hackers could still see their account information.
I want to be clear here. I appreciate that Sony is trying its best to recover from a hacking incident. No site is free from hacking threats. I appreciate that they are now offering identity theft services to the people whose information was hacked.
However, why are they only offering relief to US residents? Why only to people who had accounts live the exact day the hacking took place? How about the non-US residents? How about people who had cancelled recently and whose information was probably still in the system? If I was Sony, I would have expanded my offer to cover all bases. We trusted them with our information. They let the hackers in. They should now ensure we are all protected from the results.