Sony’s announcement this week that its online PlayStation network has been hacked has left its 77 million users feeling angered and concerned. At the top of Sony’s To-Do list will be to make sure it has the necessary security infrastructure in place to ensure this doesn’t happen again. However, the company will also be looking closely at how criminals will try and use the stolen data, which includes email addresses, postal addresses and in some cases credit card details.

In some instances, online fraudsters only need a name, postcode and date of birth to apply for a credit card under someone else’s name. And while unlikely, Sony’s data breach could result in a number of cases where user information is exploited for illegal purposes. For example, people who have the same password for their PlayStation account as for other websites, such as their webmail provider, Facebook or Amazon, could be at real risk.

And it’s not just PlayStation’s customers who should be concerned. Online retailers and other organisations could potentially be the victims of fraud if they lack sufficient identity verification technology to determine legitimate customers from fake ones. Websites which don’t have advanced verification tools leave themselves open to attack from fraudsters, who deliberately enter real customer details to obtain products and services illegally. Although the true outcome of the data breach won’t be known for some time, the news should serve as a warning shot for Sony’s customers and online retailers to act now so they don’t end up victims of fraud.

John