Jump to content
N-Europe

PlayStation 3 Console Discussion

McPhee

By McPhee
in Other Consoles

 Share

Recommended Posts

  • Replies 13.9k
  • Created
  • Last Reply

Top Posters In This Topic

  • Daft

    1798

  • flameboy

    1499

  • dwarf

    1450

  • Hero-of-Time

    479

Popular Days

Top Posters In This Topic

Popular Days

Shorty Explorer

Shorty

Posted
Posted

Changing your password? What's the point in that? They already have your details. They're not trying to get your Everquest alts. Change your credit card number.

flameboy Newbie

flameboy

Posted
Posted
Changing your password? What's the point in that? They already have your details. They're not trying to get your Everquest alts. Change your credit card number.

 

for the future....whats the point in adding a new credit card number later down the line to an account that someone else has the password to? I know its rare to have you card details displayed to actually read but still...just like they've advised if you use the same password for anything else then you should change it.

Happenstance Rising Star

Happenstance

Posted
Posted

Sony implicates 'Anonymous' in response to Congress

 

The data breach of Sony, including PlayStation Network and more recently-discovered Sony Online Entertainment, attracted the attention of Congress. Sony decided not to appear personally at a data theft hearing, but Kaz Hirai has given the company's official response, which implicates the hacker group Anonymous for the attacks.

 

In a letter to the US House of Representatives Subcommittee on Commerce, Manufacturing, and Trade (summarized on the PlayStation Blog), Hirai explains that the hackers left a calling card. "When Sony Online Entertainment discovered this past Sunday that data from its servers had been stolen, it discovered that the intruders had planted a file on one of those servers named 'Anonymous' with the words 'We are Legion'," Hirai explained.

 

Though the the SOE theft was discovered later than the PSN attack, it took place at the same time by exploiting shared infrastructure. Sony emphasized that it hadn't suffered a second attack, but rather that SOE's intrusion took longer to detect. That means that if Anonymous is responsible for the SOE attack, it's responsible for PSN as well.

 

For its part, Anonymous has denied involvement in the attacks, but even in that denial admitted that "other Anons" may have "acted by themselves." When the group apologized for inconveniencing users with denial-of-service attacks, a statement pointed out, "different operations are 'run' by different people." The group noted that it is "comprised of people with diverse points of view, of which not all coincide with one another."

 

Hirai also gave three reasons why it may have taken Sony so long to detect the problem: the sophistication of the attack, an unknown system vulnerability, and the fact that Sony was focusing on the denial of service attacks. "Whether those who participated in the denial of service attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know," he said. "In any case, those who participated in the denial of service attacks should understand that - whether they knew it or not - they were aiding in a very well planned, well executed, large-scale theft that left not only Sony a victim, but also Sony's many customers around the world."

 

The letter also says Sony shut down networks "as soon as threats were detected," but reveals that they noticed off-schedule system reboots due to "unauthorized activity" taking place on 4/19 -- a full day before the PSN shutdown on 4/20, and two weeks before Monday's SOE shutdown.

 

The House letter to Hirai became part of a data theft hearing, planned before the Sony attacks, that is currently underway. You can watch it live on C-SPAN.

 

http://www.shacknews.com/article/68328/sony-implicates-anonymous-in-response

Pit-Jr Newbie

Pit-Jr

Posted
Posted
One other point to clarify is from this weekend’s press conference. While the passwords that were stored were not “encrypted,†they were transformed using a cryptographic hash function. There is a difference between these two types of security measures which is why we said the passwords had not been encrypted. But I want to be very clear that the passwords were not stored in our database in cleartext form.

 

Thats somewhat comforting. They probably should have mentioned that earlier

Ike Community Regular

Ike

Posted
Posted (edited)

 

But...like....***** would be....okay, right?

 

Only slightly :heh:

 

And especially not when you post your password on the Internet :P

Edited by Ike
Not sure if that was a real password >.>
Happenstance Rising Star

Happenstance

Posted
Posted

Anonymous denies PSN credit card theft

 

Hacktivist collective Anonymous has denied stealing credit card information from PlayStation Network.

 

"If a legitimate and honest investigation into credit card theft is conducted, Anonymous will not be found liable," the group declared in a press release sent to VentureBeat.

 

"While we are a distributed and decentralised group, our leadership does not condone credit card theft.

 

"We are concerned with the erosion of privacy and fair use, the spread of corporate feudalism, the abuse of power and the justifications of executives and leaders who believe themselves immune personally and financially for the actions the undertake in the name of corporations and public office."

 

The statement answers yesterday's finger-pointing by PlayStation boss Kaz Hirai. He told Congress in an open letter that Anonymous' DDOS attacks on PlayStation Network opened the door for the credit card thieves.

 

Anonymous does not deny attacking PlayStation Network, merely its involvement with the stolen credit card details.

 

In his letter, Hirai said that PlayStation Network stored, globally, around 12.3 million credit card details. Does that mean only 16 per cent of the 77 million PSN account holders buy content? This excludes people buying PSN content on pre-paid cards.

 

Hirai went on to say that 5.6 million Americans had their credit card information stored on PSN.

 

Those numbers, he elaborated, incorporate both active and expired credit cards.

 

PlayStation Network went down on 20th April in the US. Sony plans to reinstate PSN functionality in a phased roll-out this week. When this will happen in Europe the platform holder won't say.

 

"We'll announce more details of the phased roll-out, along with specific timings for the UK & Europe, in due course," a spokesperson reiterated to Eurogamer this afternoon.

 

http://www.eurogamer.net/articles/2011-05-05-anonymous-denies-psn-credit-card-theft

 

This is all I can picture when they talk about their leaders:

 

TheRing.png

Cube Proficient

Cube

Posted
Posted

But it's a group of random unconnected people. It would be like Obama saying "I wouldn't hack the PSN, so it can't have been anyone in the USA".

Daft Newbie

Daft

Posted
Posted

Kotaku summed it up pretty well, "The dilemma presented by this new Sony hack shows how Anonymous' greatest asset—its amorphous, grassroots nature—can also be its greatest weakness."

Ryan Newbie

Ryan

Posted
Posted

There's never been a date announced, ever. All they've said is some rollouts should start "this week". In my book that means, Sunday night latest.

flameboy Newbie

flameboy

Posted
Posted
There's never been a date announced, ever. All they've said is some rollouts should start "this week". In my book that means, Sunday night latest.

 

i'm getting mixed up they said week beginning second of may which like you said leaves up to Sunday night.

Jon Newbie

Jon

Posted
Posted

They posted a message last Thursday saying some function would be restored a week from the day before that (Wednesday). So something should be back up and running by now.

 Share
Go to topic listing
×
×
  • Create New...