Jump to content
N-Europe

Recommended Posts

Posted
Here's some NeoGAF quality quotes.

 

 

Step 1: Go through all your credit card statements.

Step 2: Call your credit bureaus to have a fraud alert placed on your record.

Step 3: Join in any class action lawsuits filed against Sony.

 

What is wrong with this one?

  • Replies 14.8k
  • Created
  • Last Reply

Top Posters In This Topic

  • Daft

    1798

  • flameboy

    1499

  • dwarf

    1450

  • Choze

    925

Top Posters In This Topic

Posted

Answers to your questions.

 

Update on PSN Service Outages

 

Q.1 When did you realise the system had been intruded?

 

We discovered between April 17 and April 19 there was an illegal and unauthorized intrusion into our network.

 

Q.2 How did you know that the system was intruded?

 

We watch for any issues that may be raised with respect to security and monitor for such issues both internally and externally.

 

Q.3 What is the main reason to this problem? Which parts of the system were vulnerable to the intrusion?

 

We are currently conducting a thorough investigation of the situation. Since this is an overall security related issue, we will not comment further on this case.

 

Q.4 What action did you take (are you taking)? Is there any possibility of further unauthorized access?

 

As soon as we learned of this issue, 1) we temporarily turned off PlayStation Network and Qriocity services in order to conduct a thorough investigation and to verify the smooth and secure operation of our network services, 2) we have also engaged an outside, recognized security firm to conduct a full and complete investigation into what happened, and 3) quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

 

Q.5 How many were affected? How many per each region? What is the latest status of PlayStation Network registered account/ operating countries.

 

Our investigation indicates that all PlayStation Network/ Qriocity accounts may have been affected.

 

Q.6 Does that mean all users’ information was compromised? Tell us more in details of what personal information leaked.

 

In terms of possibility, yes. We believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity password, login, password security answers, and handle/PSN online ID. It is also possible that your profile data may have been obtained, including purchase history and billing address (city, state/province, zip or postal code). If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. If you have provided your credit card data through PlayStation Network or Qriocity, it is possible that your credit card number (excluding security code) and expiration date may also have been obtained.

 

Q.7 Have you notified those users?

 

We are sending out e-mails directly to these users to their e-mail address registered on the PS Network accounts. Also, we have posted web notices, and additional necessary procedures have been followed by each region.

 

Q.8 Have you received reports or claims that their PSN ID information/ credit card had been used improperly?

 

Not at this point in time.

 

Q.9 I want to know if my account has been affected.

 

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit reports. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other unrelated services or accounts, we strongly recommend that you change them. When the PlayStation Network and Qriocity services are back on line, we also strongly recommend that you log on to change your password.

For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.

 

Q.10 What should I do to prevent any unauthorized use of my (credit card) personal information?

 

For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other unrelated services or accounts, we strongly recommend that you change them. When the PlayStation Network and Qriocity services are back on line, we also strongly recommend that you log on to change your password.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit reports.

 

Q.11 Since when have PSN/Qriocity become unavailable and in which region?

 

PSN/Qriocity services have not been available since April 20 (US time) in all regions.

 

Q.12 How come it is taking so much time to resume the service?

 

We are taking the investigation seriously. We decided to keep the service down to allow us to conduct a thorough investigation and verify smooth operation of our network services.

 

Q.13 How serious is this? Have the hackers broken the security on PSN/Qriocity? Are you taking necessary measures to prevent such outage happening in the future?

 

Since this is an overall security related issue, we will not comment further on this case but we are working to restore and maintain the services, including countermeasures against future intrusions.

 

Q.14 When will the service resume?

 

We are taking the investigation seriously. We will keep the service down to allow us to conduct a thorough investigation and verify smooth operation of our network services but are working hard to resume the services as soon as we can be reasonably assured security concerns are addressed.

 

Q.15 Seems like SOE service was also not available/ suffering outage. Is this true? Is this due to the same reason as the PSN/Qriocity outage?

 

SOE's service is available although a service interruption due to an external attack did occur. A thorough investigation is ongoing.

 

Q.16 I want my money back (subscription fee, content) since the PSN/Qriocity was not available.

 

When the full services are restored and the length of the outage is known, we will assess the correct course of action.

 

Q.17 There seems to be some games that cannot be played even offline?

 

Depending on the game titles, but mainly PSN games, some may require access to PSN for trophy sync, security check, etc.

Posted

I like how US customers get this credit advice at the end of their statement on who they can contact but us EUer's don't get any such treatment...

 

It's a proper mess to be fair and there are gonna be a ton of people expecting blood for this.

Posted (edited)
I like how US customers get this credit advice at the end of their statement on who they can contact but us EUer's don't get any such treatment...

 

It's a proper mess to be fair and there are gonna be a ton of people expecting blood for this.

 

Country Customer Support

Africa [email protected]

Australia 1-300 365-911

Austria 0820 44 45 40

Belgium 011 516 406

Bulgaria [email protected]

Croatia [email protected]

Cyprus 22352282

Czech Republic 222 864 199

Denmark 90137013

Estonia 6543484

Finland 600411911

France 0820 31 32 33

Germany 01805 766 977

Greece 801 11 92000

Hungary 1 814 4800

Iceland 591- 5100

India 1800-103-7799

Ireland 0818 365065

Israel 09-9711700

Italy 199 116 266

Latvia 67046049

Lithuania 37338655

Luxembourg 0820 31 32 33

Malta 234 360 00

Middle East - All [email protected]

Netherlands 0495 574 817

New Zealand 09 415 2447

Norway 82068322

Poland 0 801 230 000

Portugal 707 23 23 10

Romania [email protected]

Russia 8-800-200-76-67

Slovakia 232 112 209

Slovenia 1 510 31 30

South Africa 0861 773783

Spain 902 102 102

Sweden 9002033075

Switzerland 0848 84 00 85

Turkey [email protected]

UK 0844 736 0595

 

zfwfw.jpeg

Edited by Cookyman
Posted

Ah, I see the timeline is on the US statement. Why did they feel the need to omit that from the European one? Especially when you consider most people only care about knowing roughly when it will return.

 

 

Sod's low they'll return the shitty Qriocity that no one actually uses and leave the PSN until the end of the week period.

Posted
Country Customer Support

Africa [email protected]

Australia 1-300 365-911

Austria 0820 44 45 40

Belgium 011 516 406

Bulgaria [email protected]

Croatia [email protected]

Cyprus 22352282

Czech Republic 222 864 199

Denmark 90137013

Estonia 6543484

Finland 600411911

France 0820 31 32 33

Germany 01805 766 977

Greece 801 11 92000

Hungary 1 814 4800

Iceland 591- 5100

India 1800-103-7799

Ireland 0818 365065

Israel 09-9711700

Italy 199 116 266

Latvia 67046049

Lithuania 37338655

Luxembourg 0820 31 32 33

Malta 234 360 00

Middle East - All [email protected]

Netherlands 0495 574 817

New Zealand 09 415 2447

Norway 82068322

Poland 0 801 230 000

Portugal 707 23 23 10

Romania [email protected]

Russia 8-800-200-76-67

Slovakia 232 112 209

Slovenia 1 510 31 30

South Africa 0861 773783

Spain 902 102 102

Sweden 9002033075

Switzerland 0848 84 00 85

Turkey [email protected]

UK 0844 736 0595

 

No I meant about the credit check bureau to contact or whatever...

Posted

Ehh, guess it's a good job I removed my CC info a couple of weeks back providing it does completely remove my info and Sony simply don't just "deactivate" it.

Posted
Ah, I see the timeline is on the US statement. Why did they feel the need to omit that from the European one? Especially when you consider most people only care about knowing roughly when it will return.

 

 

Sod's low they'll return the shitty Qriocity that no one actually uses and leave the PSN until the end of the week period.

 

Through a bit more reading it seems the european one may have been brought down as a precaution or as a result of the US being hacked....so it could be working to different timescale?

 

I have to say they should have come out and admit this earlier? Sure they were trying to save face but I think they must have known for a while, to leave people not knowing for 6 days if their stuff has been hacked sucks.

Posted

They seem to be supplying different information to different regions. Although it doesn't deny it on the US site, it does state that there is no evidence to suggest that any Credit Card information has been leaked. Perhaps it's just how I read it but it came across on the Euro one like it had.

 

 

It's not a major problem though as you're protected with your Credit Card against fraud and unauthorised purchases etc.

Posted
They seem to be supplying different information to different regions. Although it doesn't deny it on the US site, it does state that there is no evidence to suggest that any Credit Card information has been leaked. Perhaps it's just how I read it but it came across on the Euro one like it had.

 

 

It's not a major problem though as you're protected with your Credit Card against fraud and unauthorised purchases etc.

 

hmmmm not with debit cards though to the same extent...which is what I have linked to my account...

Posted
hmmmm not with debit cards though to the same extent...which is what I have linked to my account...

 

 

Yeah, me too.

 

 

Although, the banks will normally sort you out. It just takes a lot longer than with a credit card to get any money recouped.

Posted
Yeah, me too.

 

 

Although, the banks will normally sort you out. It just takes a lot longer than with a credit card to get any money recouped.

 

yeah...I am contemplating cancelling it to be honest. If your bank admitted such a breach they would reissue you a card straight away...its happened once with me and Natwest who lost card numbers and expiry dates data...

Posted

More NeoGaf quotes:

 

PSN cards #1 on Amazon coming soon.

 

Can you even imagine informing the insurance carrier? Oh hi, turns out we had a data breach... all 75,000,000 accounts.... in 40 different countries.

 

Sweet Jesus.

 

Haha can't even remember my PSN password =P.

 

and my favourite Tweet so far.

 

PlayStation: They only stole everything.

Posted

Sony's failure to report data breach incurs CT Senator Blumenthal's wrath.

 

Connecticut Senator Richard Blumenthal is "demanding answers" about why Sony Computer Entertainment of America failed to inform customers of the data breach of the PlayStation Network on April 20.

 

"When a data breach occurs, it is essential that customers be immediately notified about whether and to what extent their personal and financial information has been compromised," Blumenthal said in a release. "Compounding this concern is the troubling lack of notification from Sony about the nature of the data breach."

 

Of course, Sony just issued a statement that it says will be emailed to "all of our registered account holders" but, as we noted in our post, it's been nearly six days since the "intrusion" first took place. Blumenthal elaborated, "Although the breach occurred nearly a week ago, Sony has not notified customers of the intrusion, or provided information that is vital to allowing individuals to protect themselves from identity theft, such as informing users whether their personal or financial information may have been compromised."

 

Sen. Blumenthal also sent a letter to SCEA President and CEO Jack Tretton

Posted (edited)
When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password.

 

Now this is a worry - why don't they just reset the passwords? If the hackers login before we do they can change your password!

 

6uK1J.jpg

 

From the BBC

 

PlayStation hacker took user info

 

Sony has warned users of its PlayStation Network that their personal information, including credit card details, may have been stolen.

 

The company said that the data might have fallen into the hands of an "unauthorised person" following a hacking attack on its online service.

 

Access to the network was suspended last Wednesday, but Sony has only now revealed details of what happened.

 

Users are being warned to look out for telephone and e-mail scams.

 

In a statement posted on the official PlayStation blog, Nick Caplin, the company's head of communications for Europe, said: "We have discovered that between April 17 and April 19 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network".

 

The blog posting lists the personal information that Sony believes has been taken.

 

Name

Address (city, state/province, zip or postal code)

Country

E-mail address

Date of birth

PlayStation Network/Qriocity passwords and login

Handle/PSN online ID

Mr Caplin added: "It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained".

 

Credit cards

 

Sony admitted that credit card information, used to purchase games, films and music, may also have been stolen.

 

"While there is no evidence that credit card data was taken at this time, we cannot rule out the possibility," Mr Caplin said.

 

"If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may also have been obtained."

 

Sony has not given any indication of how many PlayStation Network users may have had their information taken, but the service has around 70 million members worldwide.

 

'PR Disaster'

The theft of so much detailed customer information would be seen as a "public relations disaster", according to Graham Cluley, senior technology consultant at security firm Sophos.

 

"This is a big one," he told BBC News.

 

"The PlayStation Network is a real consumer product. It is in lots of homes all over the world.

 

"The impact of this could be much greater than your typical internet hack."

 

Mr Cluley warned that, even without credit card details, the information taken was enough to help criminals carry out further attacks on other services.

 

"Some people will use the same passwords on other sites. If I was a hacker right now, I would be taking those e-mail addresses and trying those passwords," he said.

Edited by Cookyman
Posted

there seems to be this viewpoint arising that it was just a single hacker this seems to be due to the original wording of the statement more than anything.

Posted

I'm surprised, the PS3 stuff has been pretty hard to decrypt. It's been out a while now and no-one has managed to crack the stuff they put on videos. They're just simple mp4s with aac audio, I think, but it's not been cracked.

 

I don't have any money anyway so if someone did get my details they'll find they can't take anything out of my account.

Posted (edited)

This is interesting: http://forums.sarcasticgamer.com/showpost.php?p=645846&postcount=734

 

I need to ignore Twitter right now... there are tons of people (and site feeds) spewing ignorance galore...

 

I work at a company that deals with data security... we wish everyone that lost a laptop or left data unencrypted had used our product(s) first. The fact is, NOBODY is impervious to being hacked. It happens all the time to tons of companies. It happens at a much larger scale than the 75M PSN users.

Edited by The Lillster
Posted
I'm surprised, the PS3 stuff has been pretty hard to decrypt. It's been out a while now and no-one has managed to crack the stuff they put on videos. They're just simple mp4s with aac audio, I think, but it's not been cracked.

 

I don't have any money anyway so if someone did get my details they'll find they can't take anything out of my account.

 

Well Sony and especially PS3 seem to be the big target right now. If hackers focus on one system then the flaws will be discovered. Right now one by one the PS3 and PSN are being taken apart, especially as its considered a 'just' cause.


×
×
  • Create New...