April 28, 2011

  • PlayStation breach was kept under wraps

    Sony has admitted that hackers have stolen the private data of up to 80 million users

    Sony admits that over 75 million customers personal information may have been compromised, including names, addresses, passwords, email address and possibly credit card information.

    Stolen information can be used to purchase items with stolen credit cards, set up false identities to secure loans, set up bank accounts, receive public assistance and can even provide cover for terrorists. But gamers are furious that the company waited more than a week after hackers broke in on April 16th to warn its customers.

    The breach is not only an embarrassment but is likely to cost it financially. The company’s stock fell 2.5 per cent.  FBI’s Cyber Crime unit has been called in as class action lawsuits are being filed by US attorneys on behalf of hacked clients.

Comments (23)

  • Yeah I’m watching my credit card — if anything gets put through that is not mine I’m to contact my bank immediately because of the breach.

    Not really thrilled about it but I hope they catch the bastard(s).

  • People do realize that their banks will replace lost funds right? It happened with my bf on a different thing. And getting a new card can be a pain but it’s well worth it. I doubt that these lawsuits are going to get fair. It seems like everyone is so paranoid, too paranoid to think correctly. And they want any chance, any reason to get money. Regardless, there are details we just don’t know all the way through. I don’t think Sony really is to be blamed for the whole thing..I’d blame the hackers really. Sony is doing what it can and trying to access the damage as best as they can. And yes, I’m on the PSN network myself…I think people are mad and upset that security can be breached (not surprisingly. Nothing is a hundred percent safe online these days.) Though I think the people should also sue the hackers for this damage as well.

  • Yeah, fuck Anonymous.  I’m no longer willing to be a part of it.  Sony isn’t giving people a time frame on when it’s going to be back up, either, and there is no word on compensation for the downtime for anyone playing Pay2Play games on their network or having been signed up for their $60 a year Plus program.

    We’ve started calling it the PoSNetwork.  This is NOT the first time this has happened, either.

    Oh, and do yourself and everyone else a favor…don’t be posting up and supporting Al-Jazeera television…fucking terrorist lovers.

    @Hinase - Who cares if it can and possibly would be replaced? How about not having to deal with it in the first place would be better.  Also,once the banks give money back, the FBI/Cops don’t consider the customer a victim anymore, and the victim then becomes the bank.  The problem?  The banks never want to prosecute, since it costs them even more money, since the money given to the customers as replacement for their losses comes out of their own pockets.

  • I can’t watch the video atm b/c my computer has been on forever and youtube videos just hang for whatever reason. But I wouldn’t say Sony kept it under wraps. Every PSN user got an e-mail recently about a day after their update on the UK website (probably around the same time, but it takes time to e-mail that many users). I don’t know if the vid has any updates, but they said they couldn’t confirm if the CC info was compromised but advised caution to be on the safe side. I can’t imagine that being compromised, any developer worth anything would have stored that securely *elsewhere*, with at best retaining the last 4 digits of the card. I have a difficult time imagining a company as massive as Sony would just let that data set sit besides account information.

    I would agree that they’re not airing this as they should, but I’d be willing to give them the benefit of the doubt as to not incite panic. Even if the CC info is not compromised at all, the person’s name, address, birthdate, is all vital information, not to mention username/passwords. Obviously hacking of this ilk is malicious, so users should definitely feel like they’re in the dark regardless as we have absolutely no idea what the intent of the crackers are, just how malicious it is, or will become now that they have their hands on this kind of information.

  • @Sunrie - ”Oh, and do yourself and everyone else a
    favor…don’t be posting up and supporting Al-Jazeera
    television…fucking terrorist lovers.”

    what. Comments on kotaku are making out the PSN crackers to be synonymous for/with terrorists. Guess AJE is a hypocritical station, huh?

    http://en.wikipedia.org/wiki/Al_Jazeera#Aljazeera_English

    Aw man. Guess we ought to cut off ABC Nightline, too.

  • @versatil - You’re learning, but you’re acting an idiot who doesn’t seem to have basic English comprehension skills, but, hey, I’m sure you’re just a little muddled, what with the royal wedding coming up and all, taking 99% of your brain power to focus on.

  • @Sunrie - Unfortunately it happens. It will always continue to happen, regardless if it the PSN or a simple bank. If hackers want something so much, they will get it regardless of the roadblocks ahead or the security in place. Nothing is a hundred percent safe especially online also there hasn’t been any real details to how the hackers did it. How hard/difficult the security was. There are things we simply don’t know. We can’t judge properly without those things. That’s why I’m reserving my judgment and even my anger to know more. Assuming the worst that your card has been stolen (get it replaced. Get your funds back from the bank.) is pretty much the worst of it all. The rest? Like address etc; those things can be easily searched for me..thanks to the advent of facebook. Nothing is private or safe. You can always be traced and that secondary information can be found. Hell, I had a friend recite my whole schedules for high school including my id number from school and he found it from the web. It’s easy to find anything if you know what you’re doing. It sucks this happens..but it’s like all the bad things in life. It just happens. It’s how we deal with them, that makes it better and it seems Sony is doing the best job as they can. Not to mention, there was a holiday recently and maybe Sony didn’t know until now. We can’t really say for sure. That’s why I’m reserving my thoughts. Or maybe I’m a lot better at this, than a lot of people. 

  • that first dude looks like a pirate! Dang I went out to eat and had my bank card scanned and some loser bought WoWC junk with it. I was pissed but the bank just refunded and didn’t tell us what exactly happened. They don’t want to look like dopes I guess.

    Sony is going to come back who else is going to give us good stuff to play? Microsoft have been hacked as well. I don’t know about wii but I am waiting.

  • @Sunrie - A-J ia a soilid news station WAY better than FOX

  • horrible!

  • @Hinase - It’s not about being paranoid. You obviously haven’t had your identity stolen before. I’m not very worried at all about them just having my credit card info. That’s an easy fix just like you said. What I’m worried about is that they have my name, address, email address and PS network password, and PS network security answers. There are several things that could go wrong. You have to think like a hacker. I use my ps network password for other things. Now I have to change all of those. If they have your email address and the password you use for playstation network is the same you use for your email (this includes a lot of people I guarantee it) they now have your email address and password. With 75 million emails and passwords to try out they could just write a program to run through all of them and record the ones that work.

    Once your email is breached they now have access to any site you visit that has a “forgot my password” link that sends a password to your email. This includes most social networking sites and even some banks. People who have never really though about security do not understand that once they have your email, they can find out ridiculous amounts of data about you. They can read your email, send out emails pretending to be you, use your email to collect other passwords for Facebook (lots of data), Paypal (your money), Amazon (hope you don’t have a saved credit card), and whatever else. Next thing you know there might be someone running around with a Driver’s License with your name on it. They might take out a car loan in your name and default on the lone. Now your credit is screwed and you have to spend years of your time and money in legal fees to clear your name.

    I know all of this is possible because I’ve sat there and thought of ways to do it. Sarah Palin’s email was hacked and they didn’t even have a password. All they needed was the answers to her security questions. The Sony hackers got those too if you use the same ones. Even if they didn’t the Sony hackers have your address. If your question is “where did you go to high school?” it might not be that hard to find the answer if you still live in the same place. Remember, if it doesn’t apply to you, there are still 74,999,999 others it may apply to.

    “Unfortunately it happens. It will always
    continue to happen, regardless if it the PSN or a simple bank. If
    hackers want something so much, they will get it regardless of the
    roadblocks ahead or the security in place.”

    This is not true. There are levels of encryption that a whole gang of hackers would never be able to break. My guess is that in an effort to save money Sony didn’t hire an outside security firm to teach them this. From what I understand the personal data was not encrypted at all. Sony could have protected the data. They want us to think it was impossible to be totally secure like you are saying but that’s not true. It’s all about how much money you are willing to spend on network security and training for your employees. For all we now the hackers could have called and got a password from a Sony employee. Humans are the weakest link in any network.

    @versatil -  “But I wouldn’t say Sony kept it under wraps.”

    They are talking about the entire week that Sony made no comments about it. It doesn’t take a week to email PSN users. I get automated emails from them all the time. I just recently got one about the new EULA and the whole Qriocity crap. The reason why they waited a week is because they wanted to see if a cover-up was possible before they had to alert their customers.

  • @AtheistInfidel - I’ve known people that had their identity stolen. But the thing is we don’t know what their motives are. Are they just trying to fuck with Sony or actually steal money from actual greed? I don’t know. I feel like no matter what, no amount of security can protect us. Though I do agree that humans are the weakest links in it all. Of course, I know many people that are on the PSN. Though my recollection and from other experiences, I do know the banks can give back the money (I think to a certain amount). I’m not sure if it was encrypted or not. I can’t say. I have no experiences in those things. Weird, because a friend of mine told me everything about me just by searching for me on the internet. It’s kind of hard to feel sorry, when others like me already voluntarily put our information up on the internet e.g facebook. And it reminds me of what happened to Summer. How that troll was able to find out where she lives etc;. To truly protect yourself, you shouldn’t put the information of where you live etc; up on the internet at all. Though, I don’t  think you or anyone should have the same password for everything. I have different passwords across the boards for different things, just to be safe. I don’t know. I don’t think anything is truly safe. 

  • @Hinase - People being able to find your information online is a lot different than someone gaining access to a database of 75 million peoples’ information. For example you said your friend was able to find your class schedule and your student ID number. Your friend already knew your full name though. Anyone with a phone book can go through and get names and addresses. That really doesn’t mean much. The hackers got a lot more though. This is from the email I got:

    “we believe that an unauthorized person has obtained the following

    information that you provided: name, address (city, state, zip), country,

    email address, birthdate, PlayStation Network/Qriocity password and login,

    and handle/PSN online ID. It is also possible that your profile data,

    including purchase history and billing address (city, state, zip),

    and your PlayStation Network/Qriocity password security answers may

    have been obtained”

    Even if someone is just trying to fuck with Sony, the information is worth a lot of money. They may sell it to someone with malicious intent just to get additional funds for their next campaign against other evil corporations.

    Also, getting your money back from a bank is the least of your worries in a identity theft situation. Your credit could be permanently affected and you may never be able to get a loan for a home or a vehicle. You could even be charged with a crime that someone else committed while using your identity. It’s insane but it is true.

    The point is Sony has a responsibility to it’s customers to keep their information safe. I’m sure with the lawsuits against them a thorough investigation will take place and Sony’s negligence will be revealed.

  • @AtheistInfidel - My friend actually didn’t know my whole name. Or even my real name because I don’t tell many people outside of xanga or facebook my real name. I don’t know. I don’t know. I do agree with you that Sony does have the responsibility to look after this information. But I don’t know. I remember reading an article way back on how Bank of America was hacked (a month ago). So I can’t really say for certain. I’m not sure. I don’t know many people with good credit to begin with. My bf is the only one that has decent credit honestly. I just don’t know. I can’t entirely formulate an opinion about this. I just can’t but I understand what you’re saying though. I agree with that..but I don’t know. I don’t know much of this stuff…so I can’t really say with any certainly. 

  • @Ikwa - You silly kids and your communist brainwashing

  • @Sunrie - I am a 40 year old woman LOL Ok Old timer!

  • @Ikwa - Oh, sweetheart, that isn’t something you want to be bragging about and posting out there. Looks like the educational program you underwent isn’t any better than the poor kids have to deal with today.

  • @Sunrie - 

    I was privately educated by a Christian school. Hmm yeah it sucked I wish I had public school education but I’m not ashamed. Even my husbAnd who served in the military knows what I mean. That fox news is false news.

  • Came back to somewhat retract my previous statements.

    @AtheistInfidel - Yeah my comment from before was just me willing to give them the an initial benefit of the doubt. However, after a few PSN newsletters, the website still not having any information, and we’re probably both on a similar page with the myriad of other issues it’s pretty clear they’re essentially, at best, being silent about this. There was not a single follow up, it’s as if it hadn’t really happened, or that it’s been fixed despite PSN still being down. For how serious an issue this is this is simply unacceptable.

    Only reason I’m personally a bit laid back is b/c of my account/password combinations, and that in all likelihood the CC I used is under a payment protection plan, which as gimmicky and wasteful as that might sound turns out to be pretty convenient in cases like this, at least as far as stress goes.

  • @Ikwa - If he posts again please don’t even waste your time. He was essentially telling kristen what she could or could not do, not advising, and can’t even stand for either being done to him. Or rather he can stand it, except only if he can retort with the first degrading thing he can think of, which has absolutely nothing to do with the person he’s talking to (Exhibit A: me + royal wedding… you can see from my blog history I’m not really concerned with that sort of stuff… heck I don’t even have cable television and that royal wedding stuff has not come up on  local news at all, Exhibit B: random name-calling, gets called out on his stupidity, tries to use baseless redirection instead.)It’s just not worth it. We said our piece, leave it be.

  • @versatil - LOL are you telling me not to answer him LOL OK buddy! I love antgonizing antagonists! HA HA I never get hurt by trolls. :)

  • @Ikwa - ” HA HA I never get hurt by trolls. :) ” ah okay that’s good. =) i’ve been dealing with trolls even more since I’ve been off my blog, wouldn’t want other people to put up with that nonsense. the heart is better served doing other things, thinking other thoughts, and speaking better than that.

  • @versatil - 

    ;) I like hearing others views. But sometimes people can be aim obnoxious. Everyone has right to their opinion as long as they aren’t name calling yeah I’ll stop feeding the troll. Hang in there too.

Post a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *