After acknowledging that the Sony Playstation network was hacked by an external intruder. Sony now acknowledges that personal information was compromised on as many as 77 million users worldwide.  The information known or believed to have been compromised includes: name (full name), address, email, birthdate, country, Playstation handle, and Playstation PIN.  The post further states that: “While there is no evidence that credit card data was stolen, we cannot rule out that possibility.”

The lesson to be taken from this post is that it is extremely difficult to protect sensitive data from data thieves.  Even companies as large and sophisticated as Sony have fallen victim.  In much the same way that you keep your money in a bank, if you are a merchant employ the services of a trusted third party.  Will this guarantee that the data will not be hacked?  No.  But it will provide some measure of protection to you as a merchant as you are likely not liable for the actions of the 3rd party if you are using a PCI compliant company.