Jump to content
N-Europe

Recommended Posts

Posted (edited)
The thing that gets me is "they tried selling it to Sony". Why would they even do that - what possible use would it be to Sony as Sony still have the database?
I did say it was a rumour.

 

This is more reassuring.

 

"All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken."

 

"Spokesmen for Wells Fargo & Co., American Express Co. and MasterCard Inc. said they were monitoring cardholder accounts and hadn’t seen unauthorized activity relating to Sony. "

 

Edited by Cookyman
  • Replies 14.8k
  • Created
  • Last Reply

Top Posters In This Topic

  • Daft

    1798

  • flameboy

    1499

  • dwarf

    1450

  • Choze

    925

Top Posters In This Topic

Posted (edited)
Hope this isn't true!

 

32356.jpg

 

From Shacknews.com

 

 

panic.gif

 

I had heard this rumour going around...think Eurogamer reported that some financial expert was saying this was the case but Eurogamer did back themselves up by saying the experts opinions were unsubstantiated....

 

EDIT:

 

Here I fished out the Eurogamer quote;

 

A security expert this morning claimed that "low-level cyber criminals" are currently shopping around lists containing the credit card details of 2.2 million PSN members.

 

The claim is at this stage unsubstantiated, and conflicts with Sony's reassurance that credit card security codes were not held by PSN.

 

ERRRR....Sony lying about not having security info on their network?

 

199973-header.jpg

 

This week, Sony communications chief Patrick Seybold tried to put fears to rest with another PlayStation Network/Qriocity FAQ. He attempted to dissuade users from feeling that their credit card information is at risk by stating that hackers couldn't possibly have all the information. Why not? Sony never asked for it, apparently.

 

"Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained," he stated, "because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system."

 

Good news, right? Well ... perhaps not. We looked into the veracity of that claim and found evidence -- on PlayStation.com, no less -- that Sony did request your credit card security code when you signed up to PlayStation Network. There's even a screenshot of the billing page, viewable above, that shows it.

 

Sony seems adamant that your security card information isn't at risk, so it's quite possible that, even if asked for, it was never stored, as per VISA's rules. Even so, why tell us it was never asked for when it looks like it was?

 

We've contacted Sony for comment as we try and find out how this discrepancy occurred. For obvious reasons we cannot see what the PlayStation Network billing page currently looks like on our PS3s, but it's a strange situation nonetheless. Hopefully Sony has a good explanation for what looks like a disconcerting contradiction.

 

So what gives this is kinda wierd that they would specfically come out and say this info was never asked for when it was?

Edited by flameboy
Posted

Its taken for purchases but not stored. It asks you once in a while to confirm a purchase even if you have saved your card from my experience. Seems to be used to verify the account for purchases within a period of time.

 

There isn't much coverage today probably because of the wedding and other stuff going on. But what is there is silly drivel. You have large media organisations getting pranked by gamers. Pachter's password is apparently 'iamwrong' lol. We could get together and make some stuff up and pose as sources too? :wink:

Posted
Its taken for purchases but not stored. It asks you once in a while to confirm a purchase even if you have saved your card from my experience. Seems to be used to verify the account for purchases within a period of time.

 

From what I can gather, nobody stores the security code - that's the entire point of them.

 

Anyway, I don't really see how this is any worse than ordering anything over the phone.

Posted
Its taken for purchases but not stored. It asks you once in a while to confirm a purchase even if you have saved your card from my experience. Seems to be used to verify the account for purchases within a period of time.

 

There isn't much coverage today probably because of the wedding and other stuff going on. But what is there is silly drivel. You have large media organisations getting pranked by gamers. Pachter's password is apparently 'iamwrong' lol. We could get together and make some stuff up and pose as sources too? :wink:

 

yeah no one is allowed is store the code...I've never once had it ask me to confirm a purchase or my details and I've had a PS3 for like 4 years or summit...

 

Anyway the security thing has been cleared up;

 

Sony has gotten back to us, noting that an error was made in the blog post and confirming that Sony does ask PSN users for a security code. However, it was noted that the numbers are not stored on Sony's servers so there's no risk. The PS Blog post has now been corrected and the erroneous information crossed out.

 

The more worrying thing is still sony's poor communication and misinformation leaking out...

Posted

Well since we all know we usually just click to buy things off the store without having to provide additional card details, it's obvious that the security code is not required for the majority of psn purchases. So if the card details we provided were obtained, there's really no reason why this couldn't lead to someone using them.

Posted
Well since we all know we usually just click to buy things off the store without having to provide additional card details, it's obvious that the security code is not required for the majority of psn purchases. So if the card details we provided were obtained, there's really no reason why this couldn't lead to someone using them.

 

To be fair quite a few sites ask for you to add the security code at final stage of checkout. Also there is that other security thing just for your bank as well "Secursomethingorother"

Posted

Checking the CVV isn't mandatory, although you'll be hard pressed to find anyone reputable that doesn't. As this value isn't stored, however, it generally won't be rechecked unless something changes, such as the person with their card on file requests an item be sent to a different address or, say, orders something over a certain amount.

 

The other data is relatively useless without your CVV and pin code: lacking the former online purchases are something of a dead end, without the latter even a cloned card is pretty much a waste of plastic.

Posted

A lot of places don't ask for the bank password thing, and even then, I'm pretty sure I had to create my own password to activate that. PSN definitely doesn't ask for that.

 

It's true most places do ask you for a security code. But I wonder, how secure is a 3 digit code? This is conjecture, but assuming you had 3 chances to enter it right before your account was blocked, 1 in 333 of the several million could potentially be accessed.

Posted

I'm sure there are ways around such security measures, but in some ways it's more about being a nuisance than anything. Frankly fraudsters don't have any reason to expend a great amount of effort on one particular card — unless it's a targeted attack on someone — as there are so many more gullible fish in the sea that'll hand over the missing details upon the receipt of a vaguely official looking e-mail or barely authoritative phone call.

 

Assuming for a moment that someone walked away from the PSN incident with tens of millions of unencrypted account details, they aren't going to sit around entering them one by one. The data would be fed into an automated process that trolls for easy pickings.

Posted

Rumour has it Sony used the opportunity to install an OnLive like infrastructure for PSN. No need to upgrade the console anymore. I lie.

Posted

Speaking of OnLive, it would be awesome if Sony or Microsoft (or even Nintendo with their next console) had an OnLive-like system for demos. I think a lot more people would try them out if they could jump straight into them.

 

Another thing about demos that really annoys me is E3 - they have all these demos made so they should make them available to all for around a week.

Posted

You see, I heard that as well but negotiations over the decision between Red Leicester and Double Gloucester have made it a slow development.

Posted
The thing that gets me is "they tried selling it to Sony". Why would they even do that - what possible use would it be to Sony as Sony still have the database?

 

I was discussing this with Happenstance today. How would they get their money? Bank accounts can be traced and cash would be stupid. I call either bullshit or a stupid plan.

 

Hope it's real though and they get caught once the money has been "handed over".

Posted
I was discussing this with Happenstance today. How would they get their money? Bank accounts can be traced and cash would be stupid. I call either bullshit or a stupid plan.

 

Hope it's real though and they get caught once the money has been "handed over".

 

Like in the films of course!!!

 

A guy in a suit with a big case meets another guy in a suit who wants the money, lots of people either side with guns and the exchange goes down... :laughing:

Posted

And then at the end of the film Sony would remember about the "Ctrl+C" and "Ctrl+V" buttons and it would end on a cliffhanger.

Posted
I heard that they were going to send cheese to every PSN member to say "sorry".

 

OMG CHEEEEEEEEEEEEEEESE!!!!

 

That would actually be amazing.

Posted
Rumour has it Sony used the opportunity to install an OnLive like infrastructure for PSN. No need to upgrade the console anymore. I lie.

 

New features "unlikely" when PSN returns.. Is the latest thing I've read. Anyone else got anything good?

 

I can't see why they would be concerntrating resources on bringing anything new to the system now when their focus should be getting it back as it was but more secure...

 

Will have to see the results of the press conference when we wake up in the morning.


×
×
  • Create New...