Raise your hand if you’ve had your PlayStation account hacked, the email on the account changed so you can’t get back in, and hundreds of dollars charged to your credit card… *raises hand* yeah. It’s not a pleasant experience. 

On the one hand, I’m very embarrassed to share that information because I feel very stupid (as I should), and on the other, I want to use it as a way to help warn others about what could happen if you don’t have 2-Step Verification (2SV) set up on your account. 

Update 12/16: I was able to regain access to my account by contacting Sony Support online and providing them with the necessary information to recover the account. Lesson learned, 2SV has been set up. Thank you to Sony for your help, I'm very grateful to have been able to get the account back.

Friendly PSA | Set Up 2-Step Verification on PlayStation

Whether you were able to secure yourself a PlayStation 5, or you’re still playing games on PlayStation 4, you should take a moment right now to go in and set up 2-Step Verification (2SV). When I say right now, I mean right now

I also recommend updating your password and removing any saved credit card information from your account as there have been a lot of reports of hacked PlayStation accounts over the last few weeks.

Adding to this, data breaches and hacks aren’t exactly an uncommon thing when it comes to Sony consoles. Don't place any trust in your account not getting hacked, because it can get hacked, and it will get hacked if you don’t have proper security measures in place.

Trying to get your account back after a hack is really, really rough. This is why it's so important to set up 2SV. 

Keep in mind that there are a number of factors when it comes getting your account back after a hack including being able to get in contact with Sony, having a way to get back into your account (access to original email), whether that account has been banned and can be unbanned, if the hacker set up 2SV on their end and that 2SV can be removed, etc. 

It’s a lot, it’s a mess, so be prepared.

Looking at the general response to people who’ve had their accounts hacked, there’s little sympathy from the gaming community at large. The response of “it’s your fault because you didn’t have 2SV set up” isn’t exactly helpful to people who’ve already been hacked and are wondering what to do next. 

Personally, I want to say that I’m sorry your account was hacked. I understand you’re feeling terrible right now. Beating yourself up about 2SV after the hack has already happened isn’t going to help, the only thing you can do now is move forward.

To help as best as I can, here’s the information I was able to piece together from my own experience. As the Alice Cooper song goes, "Welcome to my nightmare."

Help, My Account Has Been Hacked, What Do I Do? 

The first thing you need to do once you realize your account has been hacked is cancel any credit cards you might’ve had saved on that account.

Ideally, you should never save credit card information on any account whether it’s PlayStation, Xbox, or even an account you have with Domino’s Pizza.

Of course, hindsight is 20/20 here. 

If you’re able to remove your credit card without any purchases being made, you’re golden and ready to tackle the account issue. 

If the hacker has already begun to make purchases with your credit card, call your credit card company and have the card cancelled. Once it’s cancelled, they won’t be able to make any additional purchases. 

You can also dispute fraudulent charges with your credit card company and have them removed from your account. Before you do something like this, note that Sony does not like chargebacks and they may ban your account for creating a "debt" if your credit card company removes those transactions.

When contacting Sony about the account hack, let them know about any fraudulent charges made during the hack. 

In regards to contacting Sony, it may be difficult to reach them over the phone. The best option in my opinion is to try to chat with Sony online. Here's a link to where you can get in touch with Sony online, you can also click on "PlayStation Online Assistant" from this page.

Online chat services are only available at certain times, here's the best time to get in contact with Sony online:

  • Monday through Saturday from 6:00 a.m. until 10 p.m. (PT).
  • Sunday from 8 a.m. until 8 p.m. (PT).

An added benefit to chatting with Sony online is that you can save your chat log for future reference should you need to contact Sony more than once which… looks like it’s the case.

If the hacker changed your email address, Sony can send you recovery steps through your original email. They may say they’ll send this in “24 to 48 hours” so keep an eye out for that. If you don’t see it after 48 hours, immediately follow up with Sony and reference your initial chat log. 

If you're not having much luck online and would prefer to call, it'll take longer, but here are the numbers you can call and the hours of operation:

  • PSN Accounts and Billing Support: 1-877-971-7669 available Monday through Friday at 8:00 a.m. until 8:00 p.m. (PT).
  • Consumer Services and Technical Support: 1-800-345-7669 available Monday through Friday at 8:00 a.m. until 8:00 p.m. (PT).

If you’re able to get back into your account, immediately change and secure everything, and enable 2SV. If you can’t get back into your account, continue to pursue the matter with Sony. As frustrating as it might be, there’s nothing you can do outside of pestering Sony to help you. 

Don’t contact anyone other than Sony about the matter, no one else can help you but Sony.

Whether you're able to get your account back, or you set up a new account, the first thing you should do before you do anything else is set up 2SV. So, let's take a look at how you can do that.

How to Set Up 2-Step Verification on PlayStation

If you’re uncertain how to set up 2-Step Verification (2SV) on PlayStation, there’s a guide from PlayStation Support that will walk you through it. Below, we’ve embedded the 2SV setup information for you so that you have easy access to it.

Web Browser: 2SV

  • Go to Account Management on a connected device.
  • Next to 2-Step Verification, select Edit > Activate > Continue.
  • Select how you’d like to receive the verification code: Authenticator App or Text Message:

Authenticator App

  • Open an authenticator app on your mobile device and scan the QR code. If the QR code fails, copy and paste the alphanumeric code. You’ll see a verification code in the app.

Text Message

  • Enter a mobile number or select an existing one – you’ll be sent a verification code.
  • Enter the verification code. 
  • Record your Backup Codes.

PS4

  • Go to Settings > Account Management > Account Information > Security > 2-Step Verification. 
  • Select Activate to switch on 2SV. 
  • Select how you’d like to receive the verification code: Authenticator App or Text Message:

Authenticator App

  • Open an authenticator app on your mobile device and scan the QR code. If the QR code fails, copy and paste the alphanumeric code. You’ll then see a verification code in the app.

Text Message

  • Enter a mobile number or select an existing one – you’ll be sent a verification code.
  • Enter the verification code. 
  • Record your Backup Codes.

PS5

  • Go to Settings > Users and Accounts > Security > 2-Step Verification. 
  • Select Activate to switch on 2SV. 
  • Select how you’d like to receive the verification code: Authenticator App or Text Message:

Authenticator App

  • Open an authenticator app on your mobile device and scan the QR code. If the QR code fails, copy and paste the alphanumeric code. You’ll see a verification code in the app.

Text Message

  • Enter a mobile number or select an existing one – you’ll be sent a verification code.
  • Enter the verification code. 
  • Record your Backup Codes.

Once you have 2SV set up, you’ll be sent a verification code from your authenticator app or via SMS to your registered phone number whenever you try to sign in. The code is valid for 10 minutes after your sign-in attempt. 

If you’re sent a code and see a sign-in attempt that wasn’t made by you, you’ll be able to step in and intervene. Of course, accounts with 2SV set up are less likely to be hacked than ones without 2SV.

Always, always, always have 2SV set up wherever possible. Not only on your PlayStation account, but other accounts that offer it as well like Steam.

Adding to this, make sure to change your passwords regularly, and as noted above, never save a credit card to an account.

No matter how unlikely you think a hack is, the reality is that hacks are more likely than you think and the consequences of those hacks can be devastating. 

So take it from me, set up 2-Step Verification, you’ll be glad you did.