Choze Posted April 27, 2011 Posted April 27, 2011 (edited) http://blog.us.playstation.com/2011/04/26/clarifying-a-few-psn-points/ Patrick Seybold: There's a difference in timing between when we identified there was an intrusion and when we learned of consumers' data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident.It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon . Keeping the network offline was a good idea. Edited April 27, 2011 by Choze
Guy Posted April 27, 2011 Posted April 27, 2011 Did anyone receive an email from Sony about this yet? I know they're being sent out.
Wesley Posted April 27, 2011 Posted April 27, 2011 Nope, no email from them. I also found out that my email registered with PSN is waaaaay old anyway. So I'm not too worried about other accounts getting hacked because it's the wrong email anyway.
Emerald Emblem Posted April 27, 2011 Posted April 27, 2011 At times like this I'm glad I mainly use my PS3 for the single player games.
drahkon Posted April 27, 2011 Posted April 27, 2011 At times like this I'm glad I mainly use my PS3 for the single player games. This. But I also have an account so they (whoever they are) can still get my private data. So relieved that I don't use a credit card, though.
Emerald Emblem Posted April 27, 2011 Posted April 27, 2011 This. But I also have an account so they (whoever they are) can still get my private data. So relieved that I don't use a credit card, though. That's true, I've used my debit card though, my bank account is pretty much empty anyway so hopefully they can't take anything out, still a big concern however.
Jon Posted April 27, 2011 Posted April 27, 2011 Did anyone receive an email from Sony about this yet? I know they're being sent out. Yeah, got it about an hour ago. It's exactly as what is in the their last update on the EU blog. I fail to see why everyone keeps banging on about Sony not telling them a week ago about the breach in personal details, especially in light of Sony only knowing this themselves yesterday. Perhaps they can time travel back a few days and let us know 72 hours earlier and that will make everything peachy.
The-Ironflame Posted April 27, 2011 Posted April 27, 2011 (edited) Somebody tried to use my card on Netflix which I don't use, perhaps as a test purchase but it was declined thankfully. I have to wait for my new card now because it got blocked. Now I wish I could delete my card from Xbox live aswell. P.S Yes I own a PS3 and 360 right now. Edited April 27, 2011 by The-Ironflame
Jon Posted April 27, 2011 Posted April 27, 2011 I'm sure I read that although the hackers could theoretically have gotten your Card Number and Expiry Date, they would not have got your security code. Without that, you can't really use the card anyway.
ReZourceman Posted April 27, 2011 Posted April 27, 2011 Somebody tried to use my card on Netflix which I don't use, perhaps as a test purchase but it was declined thankfully. I have to wait for my new card now. Now I wish I could delete my card from Xbox live aswell. P.S Yes I own a PS3 and 360 right now. Eeeuuughh. I don't want stuff to actually happen. Hassle FTLOSE. Plus I've not been checking my bank because I'm terrified (of how little I have to live on). :/ Hmmm. God. Can't even pwn n00bs.
Jon Posted April 27, 2011 Posted April 27, 2011 From Eurogamer. Sony also pointed out that it's only your credit card number and expiration date that may have been compromised, not the security code, diminishing the risk of fraudulent use. I've never seen a website yet that doesn't ask for the security code, so I fail to see how they could use it.
flameboy Posted April 27, 2011 Posted April 27, 2011 I'm sorry JonSt don't mean to sound like an arsehole or be argumentative for the sake of it. BUT can we really be sure this is true? It's taken them this long to realise that credit card info may have been taken, their initial statement didn't say that for sure. Also I want them to remove my card data from their servers before they turn it back on. What if I'm not home or whatever and some nobhead despite their best efforts hacks them straight after and gets them again..... It's pretty obvious I've lost faith in Sony as an online service provider.
Daft Posted April 27, 2011 Posted April 27, 2011 I can't help but find this all utterly yawful. Yeah, Sony fucked up but no one got hurt. If the hackers did get card information, which isn't even confirmed yet, they most likely don't have enough to do anything with, and if they do all banks have measures against fraud AND if that wasn't enough Sony are legally required to cover you if money is stolen for you.
Jon Posted April 27, 2011 Posted April 27, 2011 I'm sorry JonSt don't mean to sound like an arsehole or be argumentative for the sake of it. BUT can we really be sure this is true? It's taken them this long to realise that credit card info may have been taken, their initial statement didn't say that for sure. Also I want them to remove my card data from their servers before they turn it back on. What if I'm not home or whatever and some nobhead despite their best efforts hacks them straight after and gets them again..... It's pretty obvious I've lost faith in Sony as an online service provider. It could be be bullshit, yet i'd question why they'd go into specifics about exactly what card details had been compromised if they weren't totally sure.
Choze Posted April 28, 2011 Posted April 28, 2011 I'm sorry JonSt don't mean to sound like an arsehole or be argumentative for the sake of it. BUT can we really be sure this is true? It's taken them this long to realise that credit card info may have been taken, their initial statement didn't say that for sure. Also I want them to remove my card data from their servers before they turn it back on. What if I'm not home or whatever and some nobhead despite their best efforts hacks them straight after and gets them again..... It's pretty obvious I've lost faith in Sony as an online service provider. Take it easy. No need to panic. All banks will cancel the cards automatically if its found that credit cards have been compromised. So far practically all banks are on caution and not cancelling cards. Either way no need to worry. Also an external security organisation is handling the investigation for many reasons. So far its very textbook and real life is nothing like CSI where everything is instant(or hours). Also the only secure online network is an offline one(as cheesy as it sounds). Sony are already being extra cautious by not bringing the service back online. My advice would be to simply make sure your new email and passwords are safe and also your questions and answers. Dont forget these two things to change.
flameboy Posted April 28, 2011 Posted April 28, 2011 Take it easy. No need to panic. All banks will cancel the cards automatically if its found that credit cards have been compromised. So far practically all banks are on caution and not cancelling cards. Either way no need to worry. Also an external security organisation is handling the investigation for many reasons. So far its very textbook and real life is nothing like CSI where everything is instant(or hours). Also the only secure online network is an offline one(as cheesy as it sounds). Sony are already being extra cautious by not bringing the service back online. My advice would be to simply make sure your new email and passwords are safe and also your questions and answers. Dont forget these two things to change. The usual brand of Choze bullsh!t! I actually rang my bank and they advised cancelling my card and that is their line to all customers. I didn't as got a couple of payments to go through other side of bank holiday and new card wouldn't arrive in time. Banks don't automatically cancel cards for such stuff, especially if it happens online (admittedly somewhat unlikely if Sony are right in that security codes for cards weren't compromised) as to the bank it looks like a regular transaction. I've had it happen to me when Natwest themselves lost some data.
Cube Posted April 28, 2011 Posted April 28, 2011 (admittedly somewhat unlikely if Sony are right in that security codes for cards weren't compromised) I think the security codes are safe as they aren't stored anywhere.
Ike Posted April 28, 2011 Posted April 28, 2011 From the new FAQ: Q: Was my personal data encrypted? A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack. Q: Was my credit card data taken? A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however, that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system. http://blog.eu.playstation.com/2011/04/28/playstation-network-and-qriocity-outage-faq/ Sony are going to force a password change next time you log in as well. Anyone remember if Sony required to use alphanumerics on the passwords, just remembered my Dad has a PSN account but I can't remember his password >_<
Sheikah Posted April 28, 2011 Posted April 28, 2011 I can't help but find this all utterly yawful. Yeah, Sony fucked up but no one got hurt. If the hackers did get card information, which isn't even confirmed yet, they most likely don't have enough to do anything with, and if they do all banks have measures against fraud AND if that wasn't enough Sony are legally required to cover you if money is stolen for you. While this most probably won't result in us losing our savings, there's no denying that they lost our personal details, meaning we could in future play victim to ID theft. As for the credit card details, it's safer to cancel your card than worry about a fraud unit picking up the trail and your bank reimbursing you down the line.
flameboy Posted April 28, 2011 Posted April 28, 2011 I think the security codes are safe as they aren't stored anywhere. so how do they authorise payments? bizzare seem as everything else requires that! Just proves though if such info was taken then there is chance it could be used...
ReZourceman Posted April 28, 2011 Posted April 28, 2011 Anyone remember if Sony required to use alphanumerics on the passwords, just remembered my Dad has a PSN account but I can't remember his password >_< I believe they did, as my PSN password is the password of mine that has a number in. Or one of them, as opposed to the one that does not have a number in.
Choze Posted April 28, 2011 Posted April 28, 2011 (edited) Pretty sure you can make any PSN password as in they dont require mixing of letters or numbers. The usual brand of Choze bullsh!t! I actually rang my bank and they advised cancelling my card and that is their line to all customers. I didn't as got a couple of payments to go through other side of bank holiday and new card wouldn't arrive in time. Banks don't automatically cancel cards for such stuff, especially if it happens online (admittedly somewhat unlikely if Sony are right in that security codes for cards weren't compromised) as to the bank it looks like a regular transaction. I've had it happen to me when Natwest themselves lost some data. You're a dumb idiot. By all means cancel your cards 24 times a year. Edited April 28, 2011 by Choze
LegoMan1031 Posted April 28, 2011 Posted April 28, 2011 While this most probably won't result in us losing our savings, there's no denying that they lost our personal details, meaning we could in future play victim to ID theft. As for the credit card details, it's safer to cancel your card than worry about a fraud unit picking up the trail and your bank reimbursing you down the line. This. I already have ID protection and the lark (i get a txt if anyone applies for credit in my name etc) after being done in the past by unknown means. I have changed my e-mail address, changed my passwords (i use the same one for everything... opps!), cancelled my debit card and ordered a new one (i have been meaning to do that anyway as it doesn't always work anymore- this just prompted a change). Yes they may not have all the details they need... but i would rather not wait and find out.
Recommended Posts