Here's another sitrep on the PSN issue and it's a doozy. Sony just announced that the "external intrusion" into PSN may have compromised more than just their security. Sony believes that personal information from PSN accounts may have been illegally obtained.
"Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity passwords and login, and handle/PSN online ID.
"It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained.
More importantly, Sony notes that "while there is no evidence that credit card data was taken at this time, we cannot rule out the possibility." Sony advises users to assume the worst case scenario just "to be on the safe side."
"To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit or similar types of reports.
"When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well."
Sony isn't happy about this, assuring users that they are "going to proceed aggressively to track down those that are responsible."
Source: PlayStation EU Blog