A rough double-whammy for Sony.
It shows of the unrealistic and unreasonable trust we humans put in cloud services. Any service can be hacked this way.
We need safer payment methods now. Credit card info or other easy to mimic info should never have to be revealed. The banks (that have relatively speaking very secure systems) should be the trusted party, even though I’m not a big fan of banks for other reasons.
I’m actually surprised that Sony stores credit card numbers. Don’t they use an external payment broker?