5
   

Sony's Playstation Network totally compromised

 
 
Reply Wed 27 Apr, 2011 10:18 pm
http://yro.slashdot.org/story/11/04/27/142238/77-Million-Accounts-Stolen-From-Playstation-Network

Quote:
77 Million Accounts Stolen From Playstation Network
Posted by CmdrTaco on Wednesday April 27, @10:59AM

from the oh-yeah-this'll-be-fine dept.

Runaway1956 was one of many users to continue to update us about the intrusion we've been following this week. "Sony is warning its millions of PlayStation Network users to watch out for identity-theft scams after hackers breached its security and plundered the user names, passwords, addresses, birth dates, and other information used to register accounts. Sony's stunning admission came six days after the PlayStation Network was taken down following what the company described as an 'external intrusion'. The stolen information may also include payment-card data, purchase history, billing addresses, and security answers used to change passwords, Sony said on Tuesday. The company plans to keep the hacked system offline for the time being, and to restore services gradually. The advisory also applies to users of Sony's related Qriocity network."


If you have a PS3, your kids do, or any presence on the Playstation Network, it's likely that your data has been compromised at this point.

That aside, it's also remarkable in that the network itself is compromised to such a degree. I've read that the problem stemmed in part from compromised PS3 consoles, but the real problem apparently was the poor encryption of data.
  • Topic Stats
  • Top Replies
  • Link to this Topic
Type: Discussion • Score: 5 • Views: 3,192 • Replies: 13
No top replies

 
Cycloptichorn
 
  1  
Reply Wed 27 Apr, 2011 10:24 pm
http://vgn365.com/2011/04/26/psn-users-reporting-hundred-of-dollars-stolen-from-them/

PSN Users Reporting Hundreds of Dollars Stolen From Them

Cycloptichorn
0 Replies
 
rosborne979
 
  1  
Reply Thu 28 Apr, 2011 04:05 am
@Cycloptichorn,
I would say that the pay rate for computer security experts across the industry just went up.
0 Replies
 
BillRM
 
  1  
Reply Thu 28 Apr, 2011 05:56 am
@Cycloptichorn,
As Sony love suing it customers now it seem it had come time for their customers to sue them.

Perhaps if they had a larger IT department and a smaller legal department this would not had happen to them.
0 Replies
 
djjd62
 
  1  
Reply Thu 28 Apr, 2011 06:06 am
when this story broke yesterday (nice of sony to let me know, i got the email more than 3 hours after i saw the first news story), i called my mastercard provider to inform the that i had a card linked to the site, they said not to worry, which really surprised me, i'll be getting a statement in a couple of days so i guess i'll see what happens (i hadn't accessed the account in over a year and some of the card information was out of date (expiry date and security code), so that might be a saving grace)
0 Replies
 
Robert Gentel
 
  2  
Reply Thu 28 Apr, 2011 09:30 am
The most important thing to do after a breach like this is make sure you do not use that password anywhere.

Shared passwords are worse than weak passwords for reasons such as this.

P.S. Because someone tagged this "Anonymous" I'll point out that they have nothing at all to do with this.
DrewDad
 
  1  
Reply Thu 28 Apr, 2011 09:56 am
@Robert Gentel,
Robert Gentel wrote:

The most important thing to do after a breach like this is make sure you do not use that password anywhere.

Shared passwords are worse than weak passwords for reasons such as this.


Yup.
0 Replies
 
Cycloptichorn
 
  1  
Reply Thu 28 Apr, 2011 11:19 am
@Robert Gentel,
Robert Gentel wrote:

The most important thing to do after a breach like this is make sure you do not use that password anywhere.

Shared passwords are worse than weak passwords for reasons such as this.

P.S. Because someone tagged this "Anonymous" I'll point out that they have nothing at all to do with this.


That was me, and I agree that they have no culpability. However, they were tangling with Sony a little while ago over the whole GeoHot thing, and there's some suspicion that their involvement helped the whole thing get started.

Cycloptichorn
0 Replies
 
BillRM
 
  1  
Reply Tue 3 May, 2011 09:09 am
@Cycloptichorn,
http://www.zdnet.com/blog/gamification/sony-security-hole-exposes-another-246-million-accounts/361

Sony security hole exposes another 24.6 million accounts
By Peter Cohen | May 3, 2011, 6:59am PDT

Summary
Just when you thought things couldn’t get any worse for Sony, the company admits to another security failure that exposed personal information on another 24.6 million user accounts.

Sony says hackers infiltrated the Sony Online Entertainment (SOE) systems around the same time as the recent break-in to Sony’s PlayStation Network (PSN). Data thieves made away with personal information from approximately 24.6 million SOE accounts, according to Sony.

An “outdated database from 2007″ was also copied which included 12,700 credit card and debit card numbers and expiration dates from customers in Austria, Germany, Netherlands and Spain. Sony noted that credit card security codes were not included in that database.

SOE systems power Sony’s multiplayer online games including EverQuest II, Free Realms and DC Universe Online. The service went down Monday morning in the United States with a maintenance message. Sony has since followed up with more details.

Over the weekend Sony executives held a press conference to discuss security problems with its PlayStation Network (PSN) and Qriocity media streaming service. Around April 18, data thieves broke into PSN and Qriocity’s databases and made away with personal information on 77 million account holders, including, possibly, credit card information on about 10 million subscribers.

The company failed to acknowledge the data breach until almost a week after it shut down access to the PSN and Qriocity services, raising sharp criticism from PSN users, security analysts and others.

A contrite Kazuo Hirai and other Sony executives took the dais at the Sunday press conference to apologize to Sony users affected by the initial security failure, promising to make amends by offering free access to PlayStation Plus content and other benefits.

Similarly, Sony is promising to overhaul SOE’s security procedures, and is offering some tepid enhancements to help encourage players to come back, once service has been restored.

This latest fiasco tips the total number of affected Sony user accounts to more than 100 million. While it looked like Sony had some hope of digging out from the initial PSN catastrophe intact, anyone who’s ever given Sony a credit card must be looking askew at the company now
0 Replies
 
Cycloptichorn
 
  1  
Reply Wed 4 May, 2011 02:59 pm
@Robert Gentel,
Robert Gentel wrote:

The most important thing to do after a breach like this is make sure you do not use that password anywhere.

Shared passwords are worse than weak passwords for reasons such as this.

P.S. Because someone tagged this "Anonymous" I'll point out that they have nothing at all to do with this.


Just to circle back to why I tagged it Anonymous,

Quote:
Sony Officially Blames Anonymous For PSN Hack

Posted by samzenpus on Wednesday May 04, @02:21PM
from the in-today's-sony-hack-news dept.

H_Fisher writes "In a letter to Congress, Kazuo Hirai, chairman of Sony's board of directors, blames hacker group Anonymous for making possible the theft of gamers' personal information. 'What is becoming more and more evident is that Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack designed to steal personal and credit card information for illegal purposes,' Hirai wrote. He also indicated that Sony waited two days before notifying the FBI of the theft."


Apparently there were some taunts left on Sony's system that would appear to be similar to Anonymous' past statements. Not that this constitutes proof or anything, but it's certainly part of the story.

Cycloptichorn
0 Replies
 
RexRed
 
  1  
Reply Fri 6 May, 2011 02:45 am
One more good reason to play only PC games.

http://consumerist.com/2011/05/security-expert-sony-knew-its-software-was-obsolete-months-before-psn-breach.html

I wouldn't own a console if they paid me to take it. Err, my credit card info was not compromised. I don't have to go now and change my passwords on hundreds of sites. I don't need to get new cards issued so that "anonymous" can't steal my identity . Smile
RexRed
 
  1  
Reply Fri 6 May, 2011 04:08 am
http://ingame.msnbc.msn.com/_news/2011/05/05/6593542-report-hackers-plan-third-attack-on-sony
0 Replies
 
BillRM
 
  1  
Reply Sat 7 May, 2011 08:17 am
@RexRed,
Quote:
wouldn't own a console if they paid me to take it. Err, my credit card info was not compromised. I don't have to go now and change my passwords on hundreds of sites. I don't need to get new cards issued so that "anonymous" can't steal my identity .


You used the same password on all your sites?????!!!!??
0 Replies
 
djjd62
 
  1  
Reply Mon 6 Jun, 2011 06:31 pm
since i suffered no repercussions, i'm pretty happy with sony's welcome back goodies. two free games for the psp or ps3

the psp is a choice of two of four games (one of which i already own Sad ),but i'm grabbing little big planet and some kind of racing game (sort of cartoon go-carts as near as i can tell, with modifiable racers, and design your own tracks)
0 Replies
 
 

Related Topics

 
  1. Forums
  2. » Sony's Playstation Network totally compromised
Copyright © 2024 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.03 seconds on 12/30/2024 at 12:04:50