I don't watch much TV but I know it was on 3 news programs as the kids called me (morning, afternoon and evening)
*ren* PSN Down, Customer Info Compromised
- Thread starter Cheezdoodles
- Start date
I don't watch much TV but I know it was on 3 news programs as the kids called me (morning, afternoon and evening)
djskribbles
Legend
The scary thing is, it's not the same password. I don't 100% remember my PSN password, but I'm 100% positive it's not the same as my email. If it is what I think it was, it is pretty similar though.
I've changed my password and I'm gonna monitor my sent folder to make sure this shit stops.
To confirm I've received the EU email, so it is just a slow communication. For the record I'm on holiday ATM and spent money on internet access with a view to buying Under Siege, so this PSN outtage actually has a monetray cost for me. Had I known PSN would remain down, I'd have spent less on internet access.
Class action lawsuit, here I come!
edit: As for Sony's imcompetance versus defenders, IMO Sony have been almost complete chumps this generation. I regard almost all their choices and actions since PS3's anouncement as negative or benign, with their good stuff only coming after a cock-up. They are nothing like their PS and PS2 hey-day, for whatever reason. This is just the latest of any number of massive failures.
Class action lawsuit, here I come!
edit: As for Sony's imcompetance versus defenders, IMO Sony have been almost complete chumps this generation. I regard almost all their choices and actions since PS3's anouncement as negative or benign, with their good stuff only coming after a cock-up. They are nothing like their PS and PS2 hey-day, for whatever reason. This is just the latest of any number of massive failures.
I got my (UK) email yesterday and my (JPN) email on Tuesday. I'm not particularly concerned with this as my email is a throw away account fed from a proxy account on a server I manage. I've renewed my card as a precaution. Not because I'm worried about money getting spent but more because my bank will freeze my account at the slightest hint of dodgy dealings.
I find Sony's response, or rather the delay, kind of annoying but if their security has been compromised so thoroughly that they didn't know what had been accessed, and what else did Sony have on those servers? PS4 details, infrastructure records, details of their new security for the PS3?, and at the same time they appear to have suffered hardware failure of some kind or even a direct breach via a data centre staff member. It makes it kind of understandable that they were somewhat reticent about making a statement without knowing the facts.
And though Sony have some very obvious issues with the way in which they handle and store end user data (plain text db's I mean really!?) it isn't their fault this happened. Without the malicious intent of external parties the system would have functioned perfectly well as it was and we would have happily gone on our way. I can only blame the hackers concerned with the attack for the loss of my PSN access. Not Sony. And if they catch whoever did this (not very likely) and if they turn out to be some retard script kiddie running metasploit or some RFP derived code then I hope their identities are made public to the same 77 million accounts that have been deprived of the PSN. Let the gamers work out the justice for them.
I find Sony's response, or rather the delay, kind of annoying but if their security has been compromised so thoroughly that they didn't know what had been accessed, and what else did Sony have on those servers? PS4 details, infrastructure records, details of their new security for the PS3?, and at the same time they appear to have suffered hardware failure of some kind or even a direct breach via a data centre staff member. It makes it kind of understandable that they were somewhat reticent about making a statement without knowing the facts.
And though Sony have some very obvious issues with the way in which they handle and store end user data (plain text db's I mean really!?) it isn't their fault this happened. Without the malicious intent of external parties the system would have functioned perfectly well as it was and we would have happily gone on our way. I can only blame the hackers concerned with the attack for the loss of my PSN access. Not Sony. And if they catch whoever did this (not very likely) and if they turn out to be some retard script kiddie running metasploit or some RFP derived code then I hope their identities are made public to the same 77 million accounts that have been deprived of the PSN. Let the gamers work out the justice for them.
That is amazingly poor reasoning. Anyone sensible is understanding of the criminal intent and activity in all walks of life. It's YOUR job to protect yourself from these elements. In respect to a global corporation that holds critical information on millions of users, it's paramount that security come before convenience, budget and functionality. You can play the victim card all day but in the end, the damage is done.
The level of ignorance displayed by Sony in maintaining passwords in clear text is mind boggling. Sony basically ended coming across with "you best to not trust us with your information."
They weren't reticent in shutting down the PSN though, that is for sure, which implies to me they knew quite clearly they were in the midsts of something serious, and something that linked back to and involved their membership. I mean I can understand some people thinking that Sony is getting the heat too hard, but actually apologizing/explaining for them? I don't know.
It's a little ironic also that in this particular case, the defense for the lack of seriousness of this situation and its handling came from someone who quite obviously takes their own net anonymity and ID protection quite seriously. That is all well and good for you and your throw away account, but I use my *real* email addresses, name, etc when I sign up for accounts like these, and I don't think I'm in any sort of minority, know what I'm saying?
Maybe if you were down here in 'exposed' land you would view things a little differently wrt Sony's fabulous action times. It's a little ironic also that in this particular case, the defense for the lack of seriousness of this situation and its handling came from someone who quite obviously takes their own net anonymity and ID protection quite seriously. That is all well and good for you and your throw away account, but I use my *real* email addresses, name, etc when I sign up for accounts like these, and I don't think I'm in any sort of minority, know what I'm saying?
Pretty much this. People tend to use proper information for trusted sources and until last week, I'd assume most people considered PSN to be a trusted source. There was no reason to believe this was some hobby/enthusiast project or a shady company you would think twice about when creating a service account. This is Sony.
The full effects of this won't be immediate for compromised users. Depending on how long before this information is distributed and maliciously used, you could see ongoing reports of identity thefts and hijacks for some time. If a common source for such is prior PSN access, then it'll be an easy association for people, right or wrong.
The level of ignorance displayed by posters who believe such nonsense is equally mind-boggling...
Even in the case of the Gawker breech, the passwords were encrypted (just not salted).
Did you read Sony's FAQ?
"Q: Was my personal data encrypted?
A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack."
"
Even if the people wich did this, do take a chance on doing this, after the security upgrades, it's pretty slim chance that it should be your account they did try with..
Afterall there is 77 million accounts wich might have been stolen, if worst case scenario is true, there still is safety in numbers.
Noone is going to contact 77 million people face-to-face directly, that's not realistic to expect.
Toyota didn't do that when they had floormats wich interferred with the braking system on their cars, they contacted their retailers, and media - said the car-model were recalled.
The only contact-information Sony has for you wich they are sure might be correct, is your e-mail address. You may or may not have filled in the correct address, when registering.. You did not fill in your phone number, or credit card information, with your account. So that may be false.
What Sony is doing is sending out e-mails, telling you what might have been stolen from them, and you should be carefull of what you give out, so noone gets the last remaining information.
Sony will not send you any e-mail's asking for your creditcard information, social security or similar, if that happens you are most likely beeing targetted for identity theft.
So I think it's unlikely that there is any kind of e-mail activation.
The safest thing is just to wait and see what happens when you turn on your PS3/PSP with the updated firmwares.
As well as looking at your bank-account.Yeah, a writeup on how it all went down, so everybody can learn how to do this, is just what we need..
That way, if someone steal your money, you can just steal it back.. GeoHot is so smart..
The level of ignorance displayed by posters who believe such nonsense is equally mind-boggling...
Even in the case of the Gawker breech, the passwords were encrypted (just not salted).
God I love irony.
I found it rather amateurish and full of poor assumption. I mean seriously, the PS3 isn't the only PSN client. In fact, considering the knowledge the hacker community has of the various platforms that access the PSN, PS3 one of the poorest ones to use as an attack vector... What happened to the critical thinking skills around here?
Why is using the PS3 one of the poorest ways to attack PSN? If what he says is true, about PSN trusting the PS3 as a client, more than it should, then his speculation sounds reasonable.
Similar threads
