Worst of all, though Sony doesn’t have any reason to believe that credit card info has been compromised, it can’t guarantee that it wasn’t.
“While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility,” the statement reads. “If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.”
Sony cautions that you should be wary of any scam or phishing attempts made from this point on. They caution that Sony will never contact you in any way to solicit personal information, so if you receive e-mails from “Sorny Inc.” saying they need your credit card info to re-authorize you for the PlayStation Network, kindly delete them.
Perhaps most galling, the statement suggests that you keep an eye on your credit report and advises that you can put fraud alerts on your personal info to restrict anyone’s ability to draw credit on your name. With the alerts in place, if you ever want a car loan or a credit card, you’ll now have to jump through a lot of hoops to prove you are who you say you are.
Thanks for using the PlayStation Network, I guess.
The statement provides little in the way of explanation or apology, stating that an illegal intrusion into the network sparked the outage. In the meantime, Sony claims that it has contracted a third-party company to do a full investigation into the intrusion, and is taking steps to rebuild its infrastructure, not that that helps much now.
It’s good that Sony at least put all the cards on the table here, though not doing so would be near criminal given the level of data that has been compromised. Flame wars notwithstanding, it’s going to be very difficult to encourage users to trust purchasing anything over the PlayStation Network again.
Keep an eye on your bank statements, guys. Also, now might be a good time to get a credit report, just in case things go sour in the future. The statement suggests Annual Credit Report to get a free report.
Update 1:
Some information is coming out on this story related to the hack.
First, if you linked your Steam and PSN ID shortly before the nuclear bomb dropped, at least your Steam stuff is safe. A Valve rep told Joystiq “Nothing to be worried about. Steam has nothing to do with the PSN outage.” You kinda do have something to be worried about… just not your Steam account. Is it just me, or does that statement sound a little smug? Just a little.
Second, you may be like me and have completely forgotten which password you used for the PSN, and thus have no idea which one has been compromised. Welp, including Sony, that makes two of us.
“For those who were asking, Sony has just confirmed to me there is currently no way to determine what password you were/are using on PSN. If you’re worried at all, you should probably change your password used across the Internet,” GiantBomb News Editor Patrick Klepek wrote.
That’s just dandy. Luckily I do remember that signing in to the PSN was a huge pain, which means it probably wasn’t one of my more common passwords. Small comforts.
Update 2:
OK, this business just got political. Connecticut Senator Richard Blumenthal sent a letter to Sony Computer Entertainment of America President Jack Tretton that denounces both the extent and speed of Sony’s response to the information leak.
“When a data breach occurs, it is essential that customers be immediately notified about whether and to what extent their personal and financial information has been compromised,” Blumenthal writes, as posted by 1up. “Additionally, PlayStation Network users should be provided with financial data security services, including free access to credit reporting services, for two years, the costs of which should be borne by Sony. Affected individuals should also be provided with sufficient insurance to protect them from the possible financial consequences of identity theft.”
I’m doing a heavy bit of reading between the lines, but this letter basically says “Step up to the plate because you’re two steps away from prosecution.” I imagine a number of politicians and litigants would love to attack Sony for this to show everyone how staunchly opposed to identity theft they are. The grand irony there is that Sony, having put on a dog and pony show with Geohot just a month earlier to show that they take digital security seriously, would now be on the other end of the table.
I expect one of two things will happen now. Either Sony will be able to unequivocally prove that they didn’t leak nearly as much data as they might have, or they’ll have to crack open the Sony coffers and pour money on the problem until it goes away.
Update 3:
Sony posted an FAQ about the whole debacle which addresses some concerns, but mostly is one giant shrug in text form. Aside from recapping all the info spelled out in the statement, it also addresses concerns that PlayStation Plus users have about paying for a service they can’t use. Actually, “addresses” isn’t the right word. It’s more of an acknowledgement that the concern exists:
Q.16 I want my money back (subscription fee, content) since the PSN/Qriocity was not available.
When the full services are restored and the length of the outage is known, we will assess the correct course of action.
The rest of the FAQ more or less restates over and over that the reason it’s taking so long to restore service is that Sony is doing some heavy investigating and fixing to make sure this doesn’t happen again. Can’t fault them for that, I guess.