News broke out last week that the Playstation Network has been compromised and user information including names, passwords, addresses have been stolen. While Sony doesn’t believe that any credit card information was stolen, hackers claim they have it.
According to The New York Times, security researchers said that they had seen discussions and comments on underground Internet forums that suggest the hackers have a database that included customer names, addresses, usernames, passwords and as many as 2.2 million credit card numbers.
Kevin Stevens, senior threat researcher at Trend Micro, said that one forum member told him the hackers had offered to sell the data back to Sony but did not receive a response from the company.Patrick Seybold, senior director of corporate communications and social media at Sony, claims the company hasn’t received such such an offer.
While Sony pointed out that the entire credit card table was encrypted and there is no evidence that credit card data was taken, the company also said that it could not rule out the possibility that hackers might have obtained credit card data.
Although several researchers confirmed the existence of the forum discussions, it’s still impossible to verify the contents or the existence of the alleged credit card database.
Read next: Amazon (finally) issues an outright apology.