*ren* PSN Down, Customer Info Compromised

[-tkf-]

uh?

http://www.psx-sense.nl/46008/playstation-network-log-van-de-hacker-leaked/

Needs Google Translate

Comes from this i think:
http://streetskaterfu.blogspot.com/

 

[Zaphod]

I use a credit card thats not tied to my main bank account(s).

I'd like for my bank to provide some sort of "instant" credit/debit card, where one can get a valid CC number generated with a set expiration date, limit etc. within their online banking system. Would make it easier to compartmentalize online purchases. Haven't seen this kind of service available in Europe, though.

One place I did not sign up for, was www.cdon.com/no/se etc, they wanted my social security number even when I wanted to pay with credit card. Ie I did not buy anything from them.

Off topic, but they don't require the social security number unless you choose deferred billing as the payment option (in which case it's used for a credit check).

 

[Arwin]

Here is the official support page for the US:

http://us.playstation.com/support/answer/index.htm?a_id=2185

They are helping you take any precaution necessary for credit card issues.

It also seems that Sony is taking a more active stance in communication, although I'm not 100% certain this is official. But you can see replies to this engadget article from SonyComputerEntertainment at least:

http://www.engadget.com/2011/04/26/...s-a-compromise-of-personal-inf/#disqus_thread

As for the rest, it sucks, but all I can see right now is that I'll have to change my password. I also have a limited use password for this type of thing, and I've changed that password elsewhere already yesterday.

I do not believe the credit card information is actually compromised, and neither do Sony. They're just asking you to be vigilant just in case. I heard from some people calling their credit card company that these companies are aware of the situation and also seem to believe you don't need to take any additional steps.

 

[Nesh]

I canceled my card just in case.

I hope they bust those hackers. Now I am worried in case that all of our purchase history is lost in the process so all the stuff we bought so far wont show as bought/owned by us.

 

[Cheezdoodles]

I do not believe the credit card information is actually compromised, and neither do Sony.

How do you know sony is truthful on this matter? Based on how they acted so far, in my book there is nothing stopping them from lying about this just to not spread panic. Stupidity is usually followed by stupidity.

They're just asking you to be vigilant just in case. I heard from some people calling their credit card company that these companies are aware of the situation and also seem to believe you don't need to take any additional steps.

I was adviced to block my CC ASAP.

 

[JPT]

Social security number in norway is public information btw.

No its not, its not that hard to calculate what might possibly be someones number if you have their date of birth.
Its not classified as sensitive information, but not everybody is entitled to ask and store it either.

 

[JPT]

I'd like for my bank to provide some sort of "instant" credit/debit card, where one can get a valid CC number generated with a set expiration date, limit etc. within their online banking system. Would make it easier to compartmentalize online purchases. Haven't seen this kind of service available in Europe, though.

That would be nice, but I expect that the extra "work" the banks have to do, will mean it will be expensive.... Banks sucks when it comes to service.

Off topic, but they don't require the social security number unless you choose deferred billing as the payment option (in which case it's used for a credit check).

That might be, but I wanted to pay by credit card and they would not let me unless I added my social security number, this was a year or two back, might have changed.

Another thing that annoys me, Sony is really hot and bothered about localisation of their games so that they "delay" releases due to it. But when they have something as crap as has happend now, the norwegian page just points to the english information and FAQ. Also you can call support at about 1 USD per minute if you want

 

[Arwin]

I was adviced to block my CC ASAP.

What kind of company do you have your credit card? Do you have something like Visa or some local bank?

Hmm, now I'm sounding like someone who is phishing. Don't tell me the name of the bank.

I checked my statements and also set an sms alert on payments, just in case.

 

[makattack]

Are the people whose accounts have been compromised being sent an email from Sony so that we know? I haven't received any email yet so I'm wondering if I'm in the clear.

I received an email with locale specific information (my address is registered in Massachusetts in the US). My guess is that it may take them some time to sort though all the different legal flavors of consumer rights/privacy/etc laws all over the World.

Under Massachusetts law, you have the right to obtain any police report
filed in regard to this incident. If you are the victim of identity theft,
you also have the right to file a police report and obtain a copy of it.

Massachusetts law also allows consumers to place a security freeze on their
credit reports. A security freeze prohibits a credit reporting agency from
releasing any information from a consumer's credit report without written
authorization. However, please be aware that placing a security freeze on
your credit report may delay, interfere with, or prevent the timely approval
of any requests you make for new loans, credit mortgages, employment, housing
or other services.

 

[Cheezdoodles]

What kind of company do you have your credit card? Do you have something like Visa or some local bank?

Hmm, now I'm sounding like someone who is phishing. Don't tell me the name of the bank.

I checked my statements and also set an sms alert on payments, just in case.

Visa, but i have it through my bank, which is not what you would define as a local bank but...

 

[Gubbi]

So how do you ever purchase anything online?

The problem is storing credit card information in the first place.

I much prefer the direct-debit restrictions as they exists in Denmark (and Norway), where you aren't allowed to store payment card info.

When the user enters his card info it is immidiately submitted to a payment broker/gateway together with amount and a ticket is obtained, then the card info is (*must be*) thrown away. The ticket is subsequently used to transfers the funds, it can only be used once and only for the amount agreed (or less).

Yes, this means you need to enter you credit card number everytime you make a purchase. Once you've made 3 purchases in a couple of days you have memorized the info.

Cheers

 

[mrcorbo]

It could be someone looking to hurt Sony, or it could be someone looking to make a load of cash off of some valuable information. Which do you think is more likely?

Both are equally likely

Not really. Wouldn't you expect a hacker group looking to hurt Sony to have been shouting from the rooftops what they had accomplished long before Sony decided to let the cat out of the bag? They could have ramped the FUD up to the nth degree but were instead silent. It doesn't make any sense.

 

[Carl B]

Well this whole thing is definitely very uncool. Nigerian scammers and opportunists try several times per week to get this same information from me, and then to see that it's been swiped by someone whose intentions are completely unknown - but probably not benign - ugh. Identity theft/fraud risk for sure, forget about the CC info. Hell if I were the thief, I would just sell this info to however many groups would be willing to pay for it, so it's a manifold threat so far as I'm concerned.

Of course that's just life in the year 2011. As others have mentioned, what really makes you shake your head is the absolute pathetic nature of Sony's response and communications strategy to the public. Sony has been lacking any cohesive PR and messaging for several years now IMO; hopefully this incident turns into a wake-up call for them.

 

[Scott_Arm]

I just remembered that I never updated my PSN info when I moved over the summer. Awesome! If I choose to go back to PSN, it'll be fake addresses from here on.

 

[AntShaw]

I too am very curious about our purchase history for valid accounts and if that is going to be a concern once the network comes back up.

 

[JB9861]

I got it for my Korean account, so it's clearly not limited to US alone. But there are other accounts I didn't receive it for - which makes it hard to deduce if it affects ALL of PSN everywhere or not.

Every account regardless of region in all likelihood according to the ongoing investigation that's taking place.

 

[betan]

It pays to be paranoid sometimes, though I cannot believe I gave my real birthday to PSN.

I'm curious though how they manage to compromise those passwords. Being hacked is something, storing plain passwords is something else.

Well at least they can finally make a movie about this.

 

[KKRT]

Being hacked is something, storing plain passwords is something else..

I just cant believe that they could store passwords in plain text, it would be really beyond stupid. Its probably only PR talk about hash strings.

Ps. Fortunately this whole problem misses me, i didnt give correct info about my address and name, i dont share the same passwords between important sites and i havent bought anything with CC on my account.

 

[habbe]

Who claimed that they stored them in plaintext ?.

Anyway PSN got hacked it's going to be a safer place,, Security is like a black hole for money, you can pour more and more money in to security it's still not secure, but it's more secure than before..

 

[Cyan]

It seems like some people in the financial department has been fired and Sony added some job vacancies in this webpage:

http://sandiego.craigslist.org/nsd/sof/2345999632.html

The credit card information has been compromised? Some people from countries without Netflix have been charged with payments of that service, out of nowhere.