Sony says that, though credit card info may not have been compromised, caution is still your best friend:
Q: Was my credit card data taken? A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system.
The company was heavily criticized for their lack of transparency following last week’s incident, when they were forced to shut down their PlayStation Network service, revealing it had been hacked and personal data from their users had been compromised.
Though the situation remains very serious, this new update will help clean their image a bit. As we’ve recently seen with Apple, the sooner you tackle these problems, the better. Whenever something this bad happens, people want to know exactly what went wrong, how bad it really was and more importantly, how they’re going to clean up the mess. Every day that you stay silent and obscure about what happened damages your reputation even further.
Sony seems to have learned its lesson the hard way, let’s hope they can fix the issue as soon as possible.