Sony's PSN Attacked Again! 93,000 Accounts Compromised!

[Badnik Mechanic]

If the person/group who did this get found out, they are fucked royally. First of all, they attempted to ruin consumer faith in Sony, and they are not going to be happy about it.

I wouldn't be too suprised if Microsoft actually sees a drop in sales after this as well. This is really going to have people asking a lot of questions about all online companies as to how secure their systems are. Granted Sony's going to take the full force, but people are going to be asking "Well just how secure is XBL/i-tunes/Wii-market place/play.com/amazon/paypal" etc.

For me, theres no way I'm suddenly going to trade in my working PS3 when I'm enjoying it (as oxymoronic as that sounds given todays fun announcements) and spent so much time on it. I doubt I'm the only one with that stance.

Am I pissed off about this whole thing, yes I am and if suddenly I see unauthroised transactions (none so far) on my old card or letters asking me to join the newland club. You can bet I'll be sending a very stirn letter to Sony (If you are British, that means we're very angry.) as well as seeking legal advice.

But will I stop playing on my PS3? Nope. Why would I? It's one hell of a fun toy to play with, if the company has made a major fuck up, then I'll deal with them, but it's not going to stop me playing with my favourite toy.

[Detective Shadzter]

[uPDATE] Meanwhile, the PSN outage is beginning to draw attention from the highest levels of the US government. In a letter to Sony Computer Entertainment America president and CEO Jack Tretton, US Senator Senator Richard Blumenthal (D-CT) has called on Sony to offer full disclosure to PSN users if their information was compromised, and to offer two years of free access to credit reporting services to check if their credit was adversely affected. "Affected individuals should also be provided with sufficient insurance to protect them from the possible financial consequences of identity theft," Blumenthal said.

http://uk.gamespot.com/news/6310386.html?tag=latestheadlines%3Btitle%3B1

Woah

[LATER BUDDY]

Uuuh... you still have to enter a credit card number to buy those points online, you know.

Oh, I usually buy those points from the a retail store, I kinda forgot about that honestly. (feels retarded)

[Scar]

Seems like we'll all benefit from this actually.

This not only means that Sony will be fortifying its networks, but other companies will do the same out of fear. This will simultaneously put hackers and jailbreakers in an increasingly bad light. Which is probably not going to help Anonymous' cause much.

[Blue Wisp]

Hate these type of hackers -w-

Hope that you PSN guys don't have any personal stuff stolen ;D

[Tornado]

With great respect, potato/potato (damn, that saying doesn't work at all in writing).

It's really not.

Oh hey, another perfectly legal, fine experience enhancement to every PS3 owner made possible by the trusty and reliable "homebrew community". The hacking of the system has surely improved our day to day enjoyment of the device! Where can I donate to these fine gentlemen?

Intentional misrepresentation doesn't do anyone any favors when there is as much confusion as we have now.

Seems like we'll all benefit from this actually.

This not only means that Sony will be fortifying its networks, but other companies will do the same out of fear.

I imagine the damage that it will do to online retailers, all online retailers, is going to be felt for years, though.

[LATER BUDDY]

I highly doubt it, but you know what would be really fucked? If they took one person's information and dumped money from other people's credit/debit card info into it to try and pin it on them or something. Maybe not even one person, but just sorta "mixing piles of money." That'd create even more customer complaints and panic, =(.

I don't know, I'm just sorta realizing the power you have with that much information. I hope who ever they are, they get caught in the act soon.

[Gamerguy21]

Most people over here aren't too fussed about this, because it may be possible to trade in your PS3, but its impossible to trade in save-data and countless hours of gameplay time.

Whoa whoa whoa, wait. Are people here really planning on trading in their PS3s because of this? I haven't heard anyone say that, but that seems like a pretty stupid move IMO. The damage is done, if you were enjoying your PS3 before, why trade it in now? If you're really that paranoid about it, just take Hogfather's advice and enter a ton of bogus info into the account and make all your online purchases with prepaid cards. Problem solved.

[Detective Shadzter]

Sony's posted an FAQ

http://faq.en.playstation.com/cgi-bin/scee_gb.cfg/php/enduser/std_adp.php?locale=en_GB&p_faqid=5593

(via Eurogamer)

Which? has commented on the situation

http://www.eurogamer.net/articles/2011-04-26-what-psn-identity-theft-means-for-you

[Badnik Mechanic]

I'd like to thank the homebrew community, for their fabulous contribution to tonights events...

Heres an interesting thought, you know the PSN security question/answer that you give when you first sign up... well... theres no way to change that information. At least I can't find any FAQ or anybody thats asked the question whose got a reply saying "Yes you can, here is how!"

So if thats gone, someone can continue to try and get into your account.

Edited April 26, 2011 by Hogfather

[Scar]

Well they can't now, because they've shut the whole thing down, so nobody has access.

And they'll probably beef up security and essentially fortify PSN from here on out.

[Badnik Mechanic]

Well they can't now, because they've shut the whole thing down, so nobody has access.

And they'll probably beef up security and essentially fortify PSN from here on out.

Edited April 26, 2011 by Hogfather

[Gamerguy21]

I'd like to thank the homebrew community, for their fabulous contribution to tonights events...

[Scar]

Well to be fair, this doesn't sound like something the homebrew community did; sounds more like hackers who simply wanted to get some stuff for free on the PSN, as well as personal info and credit card numbers.

In that case, I honestly hope Sony's smart enough to add an option to change that info when the PSN goes back up. However, I'm not holding my breath; Sony has lost quite a bit of my trust in this past week.

[Badnik Mechanic]

How to find out what card you used on the PSN.

There is a way to tell what card you used so you can check if you're not certain.

Go into the email account for whatever email you use for the PSN. Search for any email which is from "DoNotReply@ac.playstation.net"

You're looking for any email that has "Wallet Funding" in the title, when you view the email it should say what card you used, or have the PSN voucher code that you used.

Well to be fair, this doesn't sound like something the homebrew community did; sounds more like hackers who simply wanted to get some stuff for free on the PSN, as well as personal info and credit card numbers.

Should we not start calling them criminals instead of hackers?

Edited April 26, 2011 by Hogfather

[Gamerguy21]

Why have they lost your trust?

They've done nothing wrong themselves. In fact shutting down the PSN was probably the best thing they could do given how sudden this attack was.

It's not really Sony's actions that made me lose my trust; it's their terrible PR. This has been going on for a week now, and we only just learned today that personal information was most likely compromised. I realize that they had to hire a seperate security firm to find out if data was stolen, but they still could have kept us up to date much better. Instead, all we got everyday was "Uh oh, the psn is still down. It'll be back up eventually. Thanks for waiting.". I'm also getting the impression that the PSN has pretty shitty security from all this, but I don't really know much about that matter.

I dunno, maybe I'm being too harsh on Sony by losing trust in them, but that awful PR (and this whole situation in general) has left a really bad taste in my mouth.

Should we not start calling them criminals instead of hackers?

Fair enough.

[Dobkeratops]

Re: security question

I'm gonna go out on a limb and say everything will be reset. You'll get a new temporary password mailed to get into the account and rewrite your access info. It's the most sensible approach.

[Chooch]

I dunno, maybe I'm being too harsh on Sony by losing trust in them, but that awful PR (and this whole situation in general) has left a really bad taste in my mouth.

I'm not sure I think things would be much different if the same thing happened on other, similar services, to be entirely honest.

[Aerodynamic909]

screw you sony im never buying another poduct from you again nope.avi sellin my ps3 on craigslist as we speak

/sarcasm.

[Kevin]

One thing that I'm wondering is how this is going to affect Sony once E3 rolls around. They're going to have to impress during their press conference, and the last thing they want is for consumer confidence in them to drop, especially with this latest fiasco going on.

What you think this won't happen again? This will happen again, it might be Sony, it might not be, but it will happen again. with the direction consoles are going in, this was always going to happen at some point. Frankly with all the stories about ****** Xlive/Sony/Wii admin account getting stolen, I'm amazed it took as long as it did before a major cluster fuck of biblical proportions happened.

For ANY online service, if you can play your games, go online without your real name/addres/card details being online, there is NO reason at all for them to be on there. This applies to Sony, Microsoft, Nintendo, OnLive, hell lets go down to the graveyard, dig up the Dreamcast and change those details too!

This is a good point brought up, and I hope Microsoft, Nintendo, etc are taking notes right now. While they technically weren't affected, they'll going to have to answer to what they're going to do in light of all this.

[Phos]

Why they store credit card information server side instead of client side is beyond me...

[Chooch]

I wanted to take this opportunity to clarify a point and answer one of the most frequently asked questions today.

There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident. It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.

For those who were looking there’s also an FAQ with some more frequently asked questions

Thank you for your continued patience and support.

Source.

[Conando]

The bank account doesn't appear to be compromised, but I figure I should ask the bank for a new debit card to be on the safe side.

[Blue Wisp]

Should we not start calling them criminals instead of hackers?

Hey see that not all hackers are this type of idiots. Some of them only want to make the console better than it is, like the mayority of Wii hackers where they make things for example for Movie DVD play and customizing the Menu.

[goku262002]

Hey see that not all hackers are this type of idiots. Some of them only want to make the console better than it is, like the mayority of Wii hackers where they make things for example for Movie DVD play and customizing the Menu.

^What he said. You can't just lump all hackers in with these idiots who wanted to do criminal misdeeds. Thats just being narrow minded.