Sony: Hackers have all of your Information, including maybe your Credit Cards

Page 1 of 4
#1
http://arstechnica.com/gaming/news/2011/04/sony-admits-utter-psn-failure-your-personal-data-has-been-stolen.ars


Nice one Sony, way to securely store data
Also, it's not like I need to know if my CC info has been stolen, take your time it's not urgent or anything.


First rootkits, now this.
"Why should we subsidise intellectual curiosity?"
-Ronald Reagan

"Knowledge is in every country the surest basis of public happiness."
-George Washington
#2
Play.com sent me thousands of credit card details once. That was nice of them.

Companies screw up all day, everyday.
Horseness is the whatness of allhorse.
We are all Neil Lennon
UG GT5 group
#4
Well, they've gotten the details already, nothing left to do. Why worry?
Horseness is the whatness of allhorse.
We are all Neil Lennon
UG GT5 group
#8
This is why i don't like the fact the PSN stores your credit card details whenever you use it.
I'd rather have to fill it in everytime I wanted to make a purchase, though there may have been an option for that that i didn't spot.

Either way, if i lose any money from my account i'll inform my bank and get the transactions and card shut down.
#9
Yeh i think this thread has had a few appearances, but i aint bothered about this, i got nothing for anyone to steal, i guess its just a life lesson for people NEVER trust technology.
#11
Quote by WhiskeyFace
The xbox people are gonna love this


I have an xbox, but i'm not childish enough to want to use this as a chance to lord it PS3 owners. Sony need to get it sorted, because people don't usually appreciate having their details given away.
#12
I loved seeing some comments on Kotaku with people crying over how Sony can't fix the problem.
One comment said that because sony are a multi-national corp they should have been able to get the PSN online within an hour.

Because yeah, external intrusions into a massive system such as the whole sony network are as easy to fix as a dodgy bike chain.
#14
Quote by GidBass
Glad I kicked gaming some 3 years ago.
Guitars > Games

I don't play games anymore either (save the occasional game of Fallout), but my little brother does, and I allowed him to use my card details over PSN so he could buy games.
Quote by SG_dave
This is why i don't like the fact the PSN stores your credit card details whenever you use it.
I'd rather have to fill it in everytime I wanted to make a purchase, though there may have been an option for that that i didn't spot.

Either way, if i lose any money from my account i'll inform my bank and get the transactions and card shut down.

AFAIK you don't even have to have picked that option, if you used your card with them at any point the details are stored.
Quote by UraniYum
Well, they've gotten the details already, nothing left to do. Why worry?

Ya, there is shit left to do. Sony has already stalled on releasing this info and now won't say for certain whether CC data has been taken. If it has then I've got to get a new card, which is a massive pain in the arse.
"Why should we subsidise intellectual curiosity?"
-Ronald Reagan

"Knowledge is in every country the surest basis of public happiness."
-George Washington
#15
Quote by Sherlock_Bones
I have an xbox, but i'm not childish enough to want to use this as a chance to lord it PS3 owners. Sony need to get it sorted, because people don't usually appreciate having their details given away.


Pfft, stop being so sanctimonious.

You know you got all giddy when you read the OP.
666 BRO
#17
Quote by SG_dave
I loved seeing some comments on Kotaku with people crying over how Sony can't fix the problem.
One comment said that because sony are a multi-national corp they should have been able to get the PSN online within an hour.

Because yeah, external intrusions into a massive system such as the whole sony network are as easy to fix as a dodgy bike chain.

I don't care about PSN being down but Sony should not have been storing data in plaintext as they appear to have done. Massive failure on their part.
"Why should we subsidise intellectual curiosity?"
-Ronald Reagan

"Knowledge is in every country the surest basis of public happiness."
-George Washington
#18
Quote by Ur all $h1t

AFAIK you don't even have to have picked that option, if you used your card with them at any point the details are stored.


I know it stored them locally to your PS3 automatically.
But I can't be sure whether there was any option to get it so they aren't stored externally in the PSN. Don't think there was.

Quote by Ur all $h1t
I don't care about PSN being down but Sony should not have been storing data in plaintext as they appear to have done. Massive failure on their part.


I was assuming that it was encrypted, but the encryption keys were also got hold of as well since they were on the same network Shitty security I gotta say, but it was unforseen circumstances. No corporation expects to be hacked as extensively as this, they assume they'd be able to shut down the threat quick enough.
Last edited by SG_dave at Apr 27, 2011,
#19
I have an Xbox and a PS3. Winning! and Losing!
"For we are nothing without brotherhood and brotherhood is nothing without our brothers" -We Came As Romans
#22
I still lust after San Andreas. I've seriously been considering getting a PS2 again, after hearing the Tony Hawks Pro Skater 2 playlist recently.
Horseness is the whatness of allhorse.
We are all Neil Lennon
UG GT5 group
#23
Quote by Kankuro
Pfft, stop being so sanctimonious.

You know you got all giddy when you read the OP.


I'm not and I didn't

I seriously think I may have grown up too fast. Like a reverse Peter Pan.
#24
Glad I still use an abacus and a piece of string for my gaming.

ಠ_ಠ

wat

#25
Well lucky me i have an Xbox 360. Feel sorry for the PS3 guys though must suck to have your personal info go to some dumbass hackers.
Raffi M Of The 'Australia FTW!' Club. PM Alter-Bridge or The_Random_Hero to join. Australians only.
#26
Quote by GidBass
Glad I kicked gaming some 3 years ago.
Guitars > Games


I'm with Gidbass
Quote by theogonia777
and then there's free jazz, which isn't even for musicians.

Quote by Born A Fool
As my old guitar teacher once said: Metal really comes from classical music. The only difference is pinch harmonics, double bass, and lyrics about killing goats.
#27
It's lucky I had the foresight to lose my credit card and cancel it last week.


Don't let your boat be empty, don't be a sunken dream
Don't let the boat regret thee, for what you could have seen

#29
Lol.

That explains why the price dropped from $2 per card to $1 per USA card and we're getting a bunch of CC dumps.

Just watch your credit card statements and chargeback and contact their fraud department if something went wrong. Carders aren't aiming to hurt you.
#30
Not only was their data not secure, but they waited an entire week to notify people of personal information being compromised.

A network that stores your personal information was hacked. The first thing they should have told people when they had a breach was "Your personal information may be compromised," not wait a week for an outside firm to confirm it. Sony tried to play it safe and was burned in the end. I hope they get every punishment and sanction available for their complete disregard for their customer's security.
Last edited by Inimical at Apr 27, 2011,
#31
Quote by Inimical
Not only was their data not secure, but they waited an entire week to notify people of personal information being compromised.

A network that stores your personal information was hacked. The first thing they should have told people when they had a breach was "Your personal information may be compromised," not wait a week for an outside firm to confirm it. Sony tried to play is safe was burned in the end. I hope they get every punishment and sanction available for their complete disregard for their customer's security.

You're saying they're insecure? They went through MegaPath's MPLS network. I work for MegaPath and trust me, they're definitely not insecure. They have a Managed SSL service and each PS3 has their own SSH key.
It was most likely stolen internally, someone with a clean criminal record. There's only so much you can do to prevent it.
Also, they had to wait until it was confirmed. What kind of a business would they be if they gave out false alarms constantly?
#32
If they have the credit card details wouldn't they have used it by now? Been a week and no reports of any problems other than the PSN being down.

Don't let your boat be empty, don't be a sunken dream
Don't let the boat regret thee, for what you could have seen

#33
Quote by Blayney
If they have the credit card details wouldn't they have used it by now? Been a week and no reports of any problems other than the PSN being down.

Lawl, its kind of hard for about 80 000 carders worldwide to go through a couple million credit cards in a week. Both in person and online. It'd raise too big of an alarm.
#34
Yeah, well I put in a (funny) fake name, fake address, and I haven't used that email in ages so ha!

Hackers: 0
Me: 1
R.I.P. M.C.A.
Tweet at me bro
lushacrous loves you
Quote by blake1221
Don't be ludicrous, lushacrous.
Quote by Gunpowder
that joke regarding your username was NOT originally posted by blake1221. That was a Gunpowder original.

I INVOKE SOPA TO SMITE YE FOR THIS FALSEHOOD.
Last edited by lushacrous at Apr 27, 2011,
#35
Quote by Seth Shadows
Lawl, its kind of hard for about 80 000 carders worldwide to go through a couple million credit cards in a week. Both in person and online. It'd raise too big of an alarm.


I don't know anything about it

You're in the industry, what's a "carder"?

The alarm is already raised?

Don't let your boat be empty, don't be a sunken dream
Don't let the boat regret thee, for what you could have seen

#36
Quote by Seth Shadows
You're saying they're insecure? They went through MegaPath's MPLS network. I work for MegaPath and trust me, they're definitely not insecure. They have a Managed SSL service and each PS3 has their own SSH key.
It was most likely stolen internally, someone with a clean criminal record. There's only so much you can do to prevent it.
Also, they had to wait until it was confirmed. What kind of a business would they be if they gave out false alarms constantly?
Fair enough, I was not aware of their network.

I am not talking about false alarms, I am saying they should have said something about a possible information breach right away. If a network with personal information is hacked, there is always a possibility of information being compromised. End of story. All Sony said was there was an external breach, and then they shut down the service. There was absolutely no information to their customers beyond that, which is ridiculous considering what was stolen.
#37
Sell and Promote your music TuneHub!



wy is yer mad at muy gramhar fer?


Quote by jimmyled
jimmybanks youre a genius.


aparently i ar smrt?
Quote by dyingLeper
jimmybanks youre a genius


GO SENS GO
Last edited by JimmyBanks6 at Apr 27, 2011,
#38
Quote by lushacrous
Yeah, well I put in a (funny) fake name, fake address, and I haven't used that email in ages so ha!

Hackers: 0
Me: 1

You have no credit card. No SSN, Nothing.

Hackers don't care, you're worthless. They're not trying to find out your personal info to come to your house and touch you inappropriately, seriously.

Hackers: 1
You: 0
#39
Quote by Seth Shadows
You have no credit card. No SSN, Nothing.

Hackers don't care, you're worthless. They're not trying to find out your personal info to come to your house and touch you inappropriately, seriously.

Hackers: 1
You: 0

I don't understand what you're trying to say here.

Hackers: 0
Me: 1
R.I.P. M.C.A.
Tweet at me bro
lushacrous loves you
Quote by blake1221
Don't be ludicrous, lushacrous.
Quote by Gunpowder
that joke regarding your username was NOT originally posted by blake1221. That was a Gunpowder original.

I INVOKE SOPA TO SMITE YE FOR THIS FALSEHOOD.
#40
Dude, I just went on IGN and Gamespot. They're acting like it's the apocalypse.
Page 1 of 4