Go Back   The Older Gamers Forums > TOG Public Forums > Console Talk

Console Talk Console Gamers - We're all thumbs

Reply
 
LinkBack Thread Tools
Old 27th April 2011, 07:53 AM   #1 (permalink)
Lethal - Post: 5501
 King_Rocket's Avatar

Pensive
Exclamation PSN update: Sony says private info may have been stolen!

Quote:
Originally Posted by Nick Chester@Destructiod

Sony Computer Entertainment has just come out and said it: it thinks it's possible that all of your private data may have been obtained.

In a recent PlayStation Blog update, Sony says that while its "still investigating the details of this incident" it believes that an "unauthorized person" may have obtained your private information. By "information," it means basically everything: your name, address, country, email address, birthday, and your login and password. Also possible: this person has your credit card information if you provided your data through PlayStation Network or Qriocity.

"Out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained," writes Sony's Patrick Seybold.

Finally, it's repeated that Sony is "working day and night" to make sure that both PSN and Qriocity services are back online. It expects "some services" to be restored this week. Considering the breach, I think playing Killzone 3 or Call of Duty: Black Ops online should be the least of your concerns, though.

For more details, follow the link below to the PlayStation Blog, which also provides contact information that might help you protect your privacy.

Update on PlayStation Network and Qriocity [PlayStation Blog]
This can't be good at all, you might want to put a hold on your cards or something.
__________________

"If a job's worth doing, no further justification is required." - Alice: Madness Returns
"It takes just as much work to achieve failure as it does to achieve success."

Last edited by Ancient_One; 27th April 2011 at 05:07 PM.
King_Rocket is offline   Reply With Quote

Old 27th April 2011, 08:36 AM   #2 (permalink)
Retired Captain
Retired Captain
Elite - Post: 3198
 Xavien's Avatar

Psychedelic
Default

This just isnt acceptable at all. For a start sony should email its 75 million customers and inform them of this rather then just post it on a blog that probably have of there customers wont be aware of until they get a credit card bill for 10k or something. I really hope that sony get taken to the cleaners over this.
__________________
Bowski Productions Presents A Free Online Fan Comic (Link Below)
-----------------------------------------------------------
-----------------------------------------------------------
Xavien is offline   Reply With Quote
Old 27th April 2011, 09:11 AM   #3 (permalink)
Retired Captain
Retired Captain
Elite - Post: 3198
 Xavien's Avatar

Psychedelic
Default

Well i canceled my card anyway, apparently it looks like all the banks are getting calls left right and centre about it, as i said its better to be safe then sorry but sonys store wont be getting my new details.
__________________
Bowski Productions Presents A Free Online Fan Comic (Link Below)
-----------------------------------------------------------
-----------------------------------------------------------
Xavien is offline   Reply With Quote
Old 27th April 2011, 10:25 AM   #4 (permalink)
Elite - Post: 4026
 Obsi's Avatar

Cheeky
Default

Quote:
This just isnt acceptable at all. For a start sony should email its 75 million customers
I only found out about it due to Kotaku's facebook posts... I even went to check my e-mail account that's signed up for the PSN, and nope... no notice there. Surely it's not beyond their capabilities to send off an e-mail to all registered users.
__________________

Obsi is offline   Reply With Quote
Old 27th April 2011, 10:46 AM   #5 (permalink)
Retired Captain
Retired Captain
Elite - Post: 4481 TOG Gold Level Supporter
 Zhul's Avatar

Default

Actually, I think if they did email everyone some people would be concerned that it was a spearphishing attempt rather than Sony trying to inform their customers. That would be my first instinct considering what happened.
__________________
Zhul is offline   Reply With Quote
Old 27th April 2011, 10:54 AM   #6 (permalink)
Lead Administrator
All Knowing - Post: 17655
 Ulric's Avatar

Default

Apart from the credit card issue, it is worthwhile noting that the Passwords have been stolen. Additionally the security private question and answer have also been taken.

If you have used these anywhere else, and this information can be linked to your email address, or your private information you should consider any online accounts that use the question/answer grouping to be at risk. These details should be changed NOW.
__________________

Any given man sees only a tiny portion of the total truth, and very often, in fact almost perpetually, he deliberately deceives himself about that little precious fragment as well. - Philip K. Dick
Ulric is offline   Reply With Quote
Old 27th April 2011, 12:07 PM   #7 (permalink)
Retired Captain
Retired Captain
Elite - Post: 4349
 Pure Mongrel's Avatar

Goofy
Default

So assuming that they now need to shut down every compromised account (after all they have no way of knowing for sure if I am the owner of the account even if I provide all the correct info), what happens to all the stuff I have purchased already?

As I was only aware of the security breach regarding my details today (assuming that my data has been out there for a week now) who is going to compensate me for any theft?

What a huge mess SONY is facing!
__________________
Pure Mongrel is offline   Reply With Quote
Old 27th April 2011, 12:10 PM   #8 (permalink)
Retired Captain
Retired Captain
Elite - Post: 4349
 Pure Mongrel's Avatar

Goofy
Default

From the PSN web site:

Note: They believe "all" PSN account have been affected.

Q.1 When did you realise the system had been intruded?

We discovered between April 17 and April 19 there was an illegal and unauthorized intrusion into our network.

Q.2 How did you know that the system was intruded?

We watch for any issues that may be raised with respect to security and monitor for such issues both internally and externally.

Q.3 What is the main reason to this problem? Which parts of the system were vulnerable to the intrusion?

We are currently conducting a thorough investigation of the situation. Since this is an overall security related issue, we will not comment further on this case.

Q.4 What action did you take (are you taking)? Is there any possibility of further unauthorized access?

As soon as we learned of this issue, 1) we temporarily turned off PlayStation Network and Qriocity services in order to conduct a thorough investigation and to verify the smooth and secure operation of our network services, 2) we have also engaged an outside, recognized security firm to conduct a full and complete investigation into what happened, and 3) quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

Q.5 How many were affected? How many per each region? What is the latest status of PlayStation Network registered account/ operating countries.

Our investigation indicates that all PlayStation Network/ Qriocity accounts may have been affected.

Q.6 Does that mean all users’ information was compromised? Tell us more in details of what personal information leaked.

In terms of possibility, yes. We believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity password, login, password security answers, and handle/PSN online ID. It is also possible that your profile data may have been obtained, including purchase history and billing address (city, state/province, zip or postal code). If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. If you have provided your credit card data through PlayStation Network or Qriocity, it is possible that your credit card number (excluding security code) and expiration date may also have been obtained.

Q.7 Have you notified those users?

We are sending out e-mails directly to these users to their e-mail address registered on the PS Network accounts. Also, we have posted web notices, and additional necessary procedures have been followed by each region.

Q.8 Have you received reports or claims that their PSN ID information/ credit card had been used improperly?

Not at this point in time.

Q.9 I want to know if my account has been affected.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit reports. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other unrelated services or accounts, we strongly recommend that you change them. When the PlayStation Network and Qriocity services are back on line, we also strongly recommend that you log on to change your password.
For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.

Q.10 What should I do to prevent any unauthorized use of my (credit card) personal information?

For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other unrelated services or accounts, we strongly recommend that you change them. When the PlayStation Network and Qriocity services are back on line, we also strongly recommend that you log on to change your password.
To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit reports.

Q.11 Since when have PSN/Qriocity become unavailable and in which region?

PSN/Qriocity services have not been available since April 20 (US time) in all regions.

Q.12 How come it is taking so much time to resume the service?

We are taking the investigation seriously. We decided to keep the service down to allow us to conduct a thorough investigation and verify smooth operation of our network services.

Q.13 How serious is this? Have the hackers broken the security on PSN/Qriocity? Are you taking necessary measures to prevent such outage happening in the future?

Since this is an overall security related issue, we will not comment further on this case but we are working to restore and maintain the services, including countermeasures against future intrusions.

Q.14 When will the service resume?

We are taking the investigation seriously. We will keep the service down to allow us to conduct a thorough investigation and verify smooth operation of our network services but are working hard to resume the services as soon as we can be reasonably assured security concerns are addressed.

Q.15 Seems like SOE service was also not available/ suffering outage. Is this true? Is this due to the same reason as the PSN/Qriocity outage?

SOE's service is available although a service interruption due to an external attack did occur. A thorough investigation is ongoing.

Q.16 I want my money back (subscription fee, content) since the PSN/Qriocity was not available.

When the full services are restored and the length of the outage is known, we will assess the correct course of action.

Q.17 There seems to be some games that cannot be played even offline?

Depending on the game titles, but mainly PSN games, some may require access to PSN for trophy sync, security check, etc.
__________________
Pure Mongrel is offline   Reply With Quote
Old 27th April 2011, 02:32 PM   #9 (permalink)
Retired Captain
Retired Captain
Elite - Post: 3481
 Rob.'s Avatar

Sad
Default

Is a credit card required to make a PSN account? I signed up ages ago and can't remember if I had to enter CC details or not. I've never bought anything from the store.
__________________

Rob. is offline   Reply With Quote
Old 27th April 2011, 02:55 PM   #10 (permalink)
Lethal - Post: 5501
 King_Rocket's Avatar

Pensive
Default

It wasn't when I signed up, they have my CC details cause I bought stuff.
__________________

"If a job's worth doing, no further justification is required." - Alice: Madness Returns
"It takes just as much work to achieve failure as it does to achieve success."
King_Rocket is offline   Reply With Quote
Reply

Tags
credit card, fail, ps3, psn, security breach

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT +11. The time now is 02:23 AM.


Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.3.0