• Welcome! The TrekBBS is the number one place to chat about Star Trek with like-minded fans.
    If you are not already a member then please register an account and join in the discussion!

Sony admits utter PSN failure: your personal data has been stolen

You get what you pay for.

The biggest problem is that Sony waited a week before alerting their customers.
 
Dream said:
The biggest problem is that Sony waited a week before alerting their customers.
Click to expand...

Yeah, that's pretty egregious.

There are reports coming out that Sony's authentication server was running Red Hat with Apache 2.2.15 (which is on the old end) ... but there are also reports that Sony was either transmitting passwords in plain text -- or worse, that they were using HTTP GET for CC transactions.

Arrqh said:
Netflix has actually been fine, it keeps prompting you to login to PSN and then when it fails it continues as normal.
Click to expand...

Apparently this is only true for certain users, as it depends on which version of the Netflix application you have. (There are like five.)
 
I'm not too concerned but... I'll still be changing some PWs and I'm probably going to have to get my CC changed as well, and everything that goes along with it.

Nice going Sony. You really dropped the ball on this one. Hacked, not your fault. The time it took you to tell your millions of customers what happened... your fault.
 
Sony didn't wait a week to tell customers about stolen data...

There's a difference in timing between when we identified there was an intrusion and when we learned of consumer's data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion had occurred and to conduct an investigation to determine the nature and scope of the incident.

It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.
Click to expand...

http://uk.ps3.ign.com/articles/116/1164186p1.html

And it is possible something very good may come of all this...

In what would appear to be a bid to appease consumers over the service's outage, the platform holder may be planning to introduce cross-game chat and even in-game video chat "to name a few" new features.

That's according to an Engadget forum poster claiming to be a Sony Computer Entertainment employee.

"As we are rebuilding the network, we are taking into consideration in implementing features such as cross game chat and in-game video chat to name a few," they wrote on the site in response to user queries about the PSN down time.

"I cannot confirm any new features at this time but expect a massive update when the network is restored."

While this should be taken with a pinch of salt for now, the forum user in question has been posting reliable PlayStation news and info on Engadget for a number of months.
Click to expand...

http://www.computerandvideogames.co...turn-with-cross-game-chat-in-game-video-chat/
 
I'd definitely take that with a grain of salt, because Sony Online Entertainment does the actual development of PSN. It's a mess of a system, basically built-to-order by SOE for SCEI in Japan.
 
If I had a PS3 and used the PSN, I would be an extremely unhappy camper right now. That's one hell of a security breach. Losing any one or two items of info on the list would be bad, but tolerable, but losing all that data in one fell swoop, and it being clear which is linked to which? Identity fraud goldmine!
 
My son has a XBox but he uses a pre-paid card to download stuff. Can these cards be used for Play Stations?

Any way it seems that the first case of fraud might have occurred. Details here.
 
Last edited:
Not that I have any current-gen consoles anyway, but this is certainly downgrading my desire for Playstation.

Way to fail utterly, Sony.
 
Well, I finally got their email tonight, though it doesn't say anything that hasn't already been posted. Pretty much a copy of what's already been seen, only now more people can see it and be aware of it.
 
I haven't gotten a notice from Sony yet (but all I've used the PSN for was to get FF7 on my PSP and I used a prepaid card and this was over a year ago so I don't even know if they still have my info)
 
Really not sure what the 'stolen' 'personal data' could be used for. My name and address is available to any person who looks me up in the white pages. Short of selling credit card numbers to Nigerians, this data hack is a whole heap of who gives a damn.
 
Kestrel said:
Not that I have any current-gen consoles anyway, but this is certainly downgrading my desire for Playstation.

Way to fail utterly, Sony.
Click to expand...

The only real "fail" on Sony's part is that the encryption code was static instead of random so the PS3 could be cracked...
The rest of the blame lies solely with the hackers...
The Unix compatibility was removed because people found a way to use it to cheat in games, offline and online...
So these same people got upset that they couldn't cheat so decided to hack the PS3...
Then they released the tools to do it on the internet and some other people used that to download DLC for free so Sony decided to close the PSN down...
And apparently one or two people found a way to download Sony's PSN client-database which may or may not be (partially)encrypted...
 
Arrqh said:
Servo said:
What worked perfectly fine? I mean, I can still use the web browser and watch stuff on the BBC/C4/ITV on-demand services, but stuff like the store, Qriocity, Netflix/Lovefilm, and online gaming is off for everyone.
Click to expand...

Netflix has actually been fine, it keeps prompting you to login to PSN and then when it fails it continues as normal.
Click to expand...

That's what that was! I use my husband's PS3 to play DVDs and watch Netflix, and I was wondering if I had done something wrong since it kept prompting me to login.
 
Servo said:
And it is possible something very good may come of all this...
Click to expand...

My credit card will be very pleased about these new features that mean nothing to me being introduced in the light of Sony's failure to properly secure their servers.
 
Trekker4747 said:
Servo said:
And it is possible something very good may come of all this...
Click to expand...

My credit card will be very pleased about these new features that mean nothing to me being introduced in the light of Sony's failure to properly secure their servers.
Click to expand...

http://www.computerandvideogames.co...credit-card-details-were-encrypted-says-sony/

The credit card data was encrypted, there's no evidence that any credit card details were stolen, and Sony are being courteous in warning people as a precaution that it may have happened.

However, please don't let facts get in the way of your pathetic attempts at sarcastic humour, as you apparently need all the practice you can get.
 
My point was that I minor service/feature upgrade hardly makes up for a massive security breach. So I fail to see how there could be a "bright side" to this situation considering the service upgrade could've been provided without the breech in security.

And, yes, I do blame Sony. Not as much as I may blame the hackers, but Sony plays a role in this as well.

I put my money in a bank that I trust. That bank is robbed. Turns out it was robbed because the bank wasn't practicing good safety features consistent with the industry. The bank deserves blame too.

Sony gets some blame in this. Yes some asshole criminals performed the data robbery but it wouldn't have been able to be done if Sony's security was better.

And from your own damn link:

While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
Click to expand...
 
Last edited:
You must log in or register to reply here.

Similar threads

A
B5's Deconstruction of Falling Stars, Trek-ified (Part 1)
Replies
1
Views
249
Allah Gold
A
McCovey Cove
Star Trek: Delta, Stars, & Anchor #1: "Esprit de Corps" (WIP)
2
Replies
23
Views
1K
BrotherBenny
BrotherBenny
If you are not already a member then please register an account and join in the discussion!

Sign up / Register


Back
Top