Jump to content

PSN users' personal details compromised

excel_excel

By excel_excel,
in PlayStation Games

 Share

Recommended Posts

excel_excel Newbie

excel_excel

Posted
Posted

Yeah where's the thread on this! Oh here it is.

 

http://www.eurogamer.net/articles/2011-04-26-psn-users-personal-details-compromised

 

http://blog.eu.playstation.com/2011/04/26/psnqriocity-service-update/

 

It took them quite a while to notify of us of this. Thoughts? Aside from FUCK.

Link to comment
Share on other sites
  • Replies 275
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Mister Jack
Mister Jack

Boy when I saw this thread back in the new content list I nearly shat a brick for a second there.

CorgiShinobi
CorgiShinobi

See, I don't believe Sony necessarily "messed up" their security. Every type of security can be "hacked." There are just some that are more easily cracked (Gawker) and some that take a lot of time to

RockyRan
RockyRan

Internal testing in its "final stages":   http://www.joystiq.com/2011/05/05/sony-psn-rebuild-complete-internal-testing-in-final-stages/   Oh, and free identity theft protection for a year:   htt

Strangelove Newbie

Strangelove

Posted
Posted

Its weird, but i feel so unimportant that stuff like this doesnt bother me too much. Besides the credit card info, they can have access to my psn, my email address, my real address, my kotaku profile. I just dont have anything worth exploiting. Seriously. I feel like they wont even bother to get my info.

Link to comment
Share on other sites
Thorgi Duke of Frisbee Newbie

Thorgi Duke of Frisbee

Posted
Posted

Tycho Brahe of Penny Arcade put it perfectly;

 

"The thing to say on your web is that since PSN is free you can’t really complain about it, and that’s pretty dumb. Maybe you could have said that if you couldn’t play Ratchet and Clank online with your Playstation 2, but that era is fucking over. By “that era,” I’m referring to the one where chains of appliance “islands” exist in millions of discrete universes across the globe. The store, your friends list, these aren’t perks. By 2011, they’re bedrock assertions of the medium. The deal they made with users - one which, for years, was the justification for a gruesome price disparity - was “free Xbox Live,” not “shit happens.”

 

They have a serious problem here, and as serious as their technology problem might be, it’s not the biggest one they have. Their problem is that they don’t know how to communicate about anything but their legendary prowess. They simply don’t have it. I mean, genetically. They need to find a human being, or hire one, and start an actual dialogue with users.

 

They need to do this last Friday."

Link to comment
Share on other sites
deanb Contributor

deanb

Posted
Posted

It does seem pretty grim, doesn't it. I can't believe they have all those details tied together, and accessible. You'd think the personal details would be well separated from the public details, like PSN ID etc. :blink:

 

How would they know who you are and what games you've bought?

 

As for "accessible" it's not like they just left them on the back of a taxi or something. Required running CFW to get it to think your PS3 was a dev console, then using proxies n shiz to get onto the dev PSN, then grabbing the details through that.

 

It's a pretty shitty situation all around (though as I pointed out on twitter if folks were uber serious on keeping their CC info safe it's not like Sony don't sell PSN cards) but tbh I don't think much will come of it. It's not even a sure fire thing that the info has been leaked. Or who to. Just that they were compromised so it's a possibility. If you're not 100% sure that in a breach none of the data has been accessed then it's just to standard procedure to inform your users.

Link to comment
Share on other sites
TheFlyingGerbil Explorer

TheFlyingGerbil

Posted
Posted

By separate I mean there should be a database with your PSNID and less sensitive info, (games you own, friends list etc. - things that you use for gaming and are visible to the public anyway) then there should be totally separate your billing info, address, email and passwords etc and obviously that would also have your PSN ID but it should be a totally separate (and more secure) system.

Link to comment
Share on other sites
RockyRan Newbie

RockyRan

Posted
Posted

Apparently some people around the net are reporting fraudulent charges with cards that were linked to the PSN store. Turning on my Bullshit Trolling Filter (patent pending) it looks like at least a couple of these claims are legit. Difficult to say, though, the damned thing craps out every other day.

 

Sony's definitely going to have to pull some PR skillz to get people calmed down, but then again PR hasn't exactly been Sony's forte since, well...ever. I guess at least this is another reminder of the risk you run when putting info online. Any online system is open to attack to some degree or another, no matter what service we're talking about. And this should be a message that speaks to ALL gamers out there, including those smug dipshits taking this opportunity to loudly declare that their XBOX Live fee is suddenly all the more justified, as if requiring consumers to throw money at a network infrastructure makes it magically immune to every conceivable attack by some arbitrary measure.

  • Like 1
Link to comment
Share on other sites
CorgiShinobi Newbie

CorgiShinobi

Posted
Posted (edited)

The only concern there should be is credit card info, and even then, who's aware of how widespread that is. I check my bank account online daily, and nothing out of the ordinary has occurred. If it does, I'll go down to the bank, report fraud and receive a new card within a week.

 

I use a separate password for PSN, so it's not possible for anyone to access my email through this intrusion. Everything else, it doesn't really matter. Oh shi- there's a PSN user located in City, State, United States!

 

I'm giving Sony until Thursday morning. That will have been a full week of this outage, and to me, I only have the patience for a week of no online anything. I sorta agree with the Tycho comment, but at the same time, I'm not losing out on that much. If this were Xbox Live (Gold), I would be losing time for a service I did pay for.

 

Of course, all the PSN Plus and DC Universe Online users are losing money, so they should have been pissed days ago. :lol:

 

EDIT: At this point, I'm thinking the only thing Sony could do to satisfy PSN users is offer a free (extended) year of PSN Plus service.

Edited by Atomsk88
Link to comment
Share on other sites
CorgiShinobi Newbie

CorgiShinobi

Posted
Posted

Yeah, those folks who has PSN Plus will need something in return for the almost a week of outage. PR, Sony, PR...

Not sure about us free folks.

I'm saying 1 year PSN Plus subscription. The way I see it, Sony wouldn't be losing a lot of money, and users would be receiving content. Everyone who registers afterward would be stuck on the free service until they pay for the subscription. I mean, anyone new wouldn't have gone through the outage.

Link to comment
Share on other sites
Mal Contributor

Mal

Posted
Posted

Lets see how much longer this goes. For sure the PSN Plus folks will get some free time and for sure its not just what they lost. At minimum it will be one month. If I was in Sony, I would say 2 months at the moment. Then with each passing week, one extra month.

 

I'm having a bad feeling that this might extend for two weeks... and at the point I don't think Sony can even get away with not letting the free folks have something.

 

Man, it has been such a nightmarish last few weeks for Sony. From the Geo-whatshisname thing, to the subsequent retarded Anon thing... at least I can hope Sony will have a beefier security after all this.

Link to comment
Share on other sites
deanb Contributor

deanb

Posted
Posted

tbh as far as I'm concerned I'm feeling pretty safe. At the moment it's all just "maybe" and "we believe" if it was absolutely guaranteed that someone had nabbed the stuff they'd be required to say "your info has been taken" or something along those lines. It just reads like they're giving a heads up just in case. We're talking 70million accounts, you'd generally know for sure if that much info had been grabbed.

Even if it's a small amount that's gabbed I reckon only a few will be tied to CCs. And if your bank is halfway decent it'll have some kind of fraud protection. In which case a dodgy charge gets flagged, you get called. And if it's not you a new card gets issued.

 

 

 

As for getting stuff out of it, yeah I reckon PSN+ will get a free month. But everyone else will get zilch and shouldn't really expect much from this either.

 

edit: Well here in the UK the ICO (Information Commissioners Office, not the studio :P) are looking into it for breach of the DPA. I'm going to assume, but tbh I'm slightly doubtful, that the US has similar stuff in place? The final principle pretty much requires you do mind.

Link to comment
Share on other sites
Toshi Newbie

Toshi

Posted
Posted

Afaik, I don't remember using my real name or address to register on PSN anything, and I've been keeping a watch on that credit card I never use that was registered. Though I feel that a real name and address would be used for billing that. I feel the likelihood of them actually using mine is probably low though, and I'll keep watch anyways.

 

I'm oddly amused by the reaction of gamers though. Everyone is using the situation for Live vs PSN talks and the you get what you pay for bs. Fanboys are extremely weird people.

Link to comment
Share on other sites
MasterDex Newbie

MasterDex

Posted
Posted

Its weird, but i feel so unimportant that stuff like this doesnt bother me too much. Besides the credit card info, they can have access to my psn, my email address, my real address, my kotaku profile. I just dont have anything worth exploiting. Seriously. I feel like they wont even bother to get my info.

 

Yeah, I'm feeling the same way about all this. I'm still going to do a quick security check just to be on the safe side but I'm honestly not really worried. I will say though that I think Sony really handled this badly. If they had any suspicion that personal information may have been compromised, they should have said so as soon as the suspicion arose.

 

Then again, I don't know why I expected any different. Sony is terrible at PR (that goes for marketing too).

Link to comment
Share on other sites
staySICK Newbie

staySICK

Posted
Posted

I can't find the actual tweet, but although funny, it was quite poignant for the times, and it was something to the effect that "hackers stole from PSN what is on everyone's facebook page."

 

People are more sharing now than ever, I really find it disturbing the amount of people on my flist freely provide their address and phone number.

 

The credit card is the big if, and right now Sony isn't fully sure if those have been compromised. So like everyone else, I'll just watch my bank. I originally didn't want to tie a card to it; but when I first got the ps3, psn cards weren't available, and I must have forgot to have it not store my data from that first purchase.

Link to comment
Share on other sites
CorgiShinobi Newbie

CorgiShinobi

Posted
Posted

My address isn't even current, but still, what would someone do with all those addresses?

 

Introducing the PSN User Phone Book!

 

a year free subscription?! keep dreaming. I think that is way out of proportion to what has happened.

 

Fine, then the three month package. :P

 

Depending on how much longer it will take to "rebuild" the network, we could be sitting offline for quite a while.

Link to comment
Share on other sites
deanb Contributor

deanb

Posted
Posted

So some more detailed info is heading out, also via the scene. Still relating it to the Rebug thing. (Oh yeah this threads newsih, catch up here: http://pressxordie.com/2011/04/25/rumour-sony-psn-downtime-a-reaction-to-cfw/)

 

So apparently what it allowed was, apart from the whole piracy thing by crediting accounts with infinite cash, you could use it to log in as anyone else. Just needed to know their PSN ID. Which means the amount of compromised accounts is probably much much much lower than the full 70million. And apparently while they could spend your cash on the PS Store, they can only see a small part of your CC, same as when you go to other places that store your CC then display as: 42** **** **** **69.

 

Which kinda fits. As I've said many times, if you had a file with 70million accounts on it downloaded off your servers you wouldn't be all "we believe" n "may". You'd fucking know. But if a few hundred, thousand at tops, accounts were compromised then they'd be kinda doubtful on which accounts those were.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...