PSN Down

By -T-
in PlayStation

 Share

Recommended Posts

Grand Master

American Ninja

Posted
Posted (edited)

Just read the update. Sony did a really good job handling the situation IMHO. Whats done is done just got to move on now.

New blog post:

I wanted to take this opportunity to clarify a point and answer one of the most frequently asked questions today.

There?s a difference in timing between when we identified there was an intrusion and when we learned of consumers? data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident. It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.

For those who were looking there?s also an FAQ with some more frequently asked questions

Thank you for your continued patience and support.

Source: http://blog.us.playstation.com/2011/04/26/clarifying-a-few-psn-points/

Edited by American Ninja
Grand Master

Ayepecks

Posted
Posted

What about itunes?

You mean if you set up your iTunes to stream to the PS3? Absolutely nothing. The PS3 just acts as a kind of media center, which means it's only streaming the information (music) you're telling it to stream. It has no access to your iTunes account.

Grand Master

rajputwarrior

Posted
Posted

Just read the update. Sony did a really good job handling the situation IMHO. Whats done is done just got to move on now.

New blog post:

Source: http://blog.us.playstation.com/2011/04/26/clarifying-a-few-psn-points/

That's just a bigger fail on their part admitting they didn't know their own and needed help from people that took a few days to figure out that people's personal information was stolen...

Sony fails at security

Grand Master

Boz

Posted
Posted

To check what credit card you used on PSN check your email for [email protected] and see what credit card you used..

Cancel that credit card and have the bank issue a new one for you to be 100% safe.

Not only that these guys have possibly obtained your credit card information but they have gotten name, address (city, state, zip), country, email address, birthdate as well as your security questions. Since most people pick similar questions these hackers with your birthday, security question and address and all that can probably get into a lot more that I'm afraid to even think of.

This could very well be the end of PS3.. I don't see myself using anything from them after this.. at least not buying anything online or doing anything online with them which is really the death of their service.

What a mess man.

Veteran

CentralDogma

Posted
Posted

Just read the update. Sony did a really good job handling the situation IMHO. Whats done is done just got to move on now.

New blog post:

Source: http://blog.us.playstation.com/2011/04/26/clarifying-a-few-psn-points/

Oh that's great, everyone can go home, situation over. Good thing those hackers won't use my personal information, American Ninja said we can all move on. :rolleyes:

You know why I'm ****ed at Sony? Because it was Sony who I entrusted my personal information to, it was Sony who explicitly outline how they would use that information, and it was Sony who failed to secure that information properly. Not some damn hacker.

Sure I hope they prosecute the hacker as much as the law allows, but Sony had a responsibility that they failed to live up to and they deserve the crap their getting over it.

I've always been leery about buying anything on PSN and this will make me doubly so. And considering how many high profile companies are running into data theft, it gives me pause about any form of digital distribution, even though I have warmed up to Steam.

Grand Master

rajputwarrior

Posted
Posted

To check what credit card you used on PSN check your email for [email protected] and see what credit card you used..

Cancel that credit card and have the bank issue a new one for you to be 100% safe.

Not only that these guys have possibly obtained your credit card information but they have gotten name, address (city, state, zip), country, email address, birthdate as well as your security questions. Since most people pick similar questions these hackers with your birthday, security question and address and all that can probably get into a lot more that I'm afraid to even think of.

This could very well be the end of PS3.. I don't see myself using anything from them after this.. at least not buying anything online or doing anything online with them which is really the death of their service.

What a mess man.

cheers for that. i found it and it's a credit card that i cancelled a couple of months ago. i'm all good (Y)

Veteran

LingeringSoul

Posted
Posted

I would be willing to forgive Sony if they had informed us regarding the severity of the incident right away. What I can't forgive is Sony's complete nonchalance regarding the potential compromising of their users' credit card information. It shouldn't have taken six days for this to surface, and I find it impossible to believe that Sony just didn't know about this until now.

Once bitten, twice shy.

EDIT: Just read Duke's post on page 16. If that's the case, and if Sony had no choice to wait, then that obviously changes the conditions. Regardless of the circumstances, I think it's going to be point cards from here on out, and I'll probably only exercise that option when we're dealing with content that isn't available on the 360.

Grand Master

LiquidSolstice

Posted
Posted

I would be willing to forgive Sony if they had informed us regarding the severity of the incident right away. What I can't forgive is Sony's complete nonchalance regarding the potential compromising of their users' credit card information. It shouldn't have taken six days for this to surface, and I find it impossible to believe that Sony just didn't know about this until now.

Once bitten, twice shy.

EDIT: Just read Duke's post on page 16. If that's the case, and if Sony had no choice to wait, then that obviously changes the conditions. Regardless of the circumstances, I think it's going to be point cards from here on out, and I'll probably only exercise that option when we're dealing with content that isn't available on the 360.

Yeah ok, no offense, but that's just hindsight bias at its finest. I highly doubt anyone would be any less outraged if they were told all their CC info was compromised 6 days ago rather than today.

Grand Master

Miuku.

Posted
Posted

Just got mail from my VISA provider where they stated that so far during the investigation no CC information has been found to leak and if any such information would be discovered, they would contact people affected.

( http://www.luottokunta.fi/fi/luottokunta/uutiset_ja_tiedotteet/toimiala_arkisto/Tietomurto%20ulkomaisessa%20verkkokaupassa%20%2827.4.2011%29 - it's in Finnish so I doubt anyone here will benefit much from it ;-) )

Grand Master

+BeLGaRaTh Subscriber¹

Posted
  • Subscriber¹
Posted

Just got mail from my VISA provider where they stated that so far during the investigation no CC information has been found to leak and if any such information would be discovered, they would contact people affected.

( http://www.luottokunta.fi/fi/luottokunta/uutiset_ja_tiedotteet/toimiala_arkisto/Tietomurto%20ulkomaisessa%20verkkokaupassa%20%2827.4.2011%29 - it's in Finnish so I doubt anyone here will benefit much from it ;-) )

English translation ... HERE

Hacking the Sony PlayStation Network online shop (04/27/2011)

Sony PlayStation Network has announced that it has been subjected to intrusion from 17 to 19.4. PlayStation Network, says that an intrusion has been reached in connection with access to customer contact information such as name, address and e-mail.

So far, Sony's studies have not shown that the credit card information was compromised. If the card details have been compromised, however, are connected to the card issuer to card holders with a security card should be renewed.

Do not post or tell your debit card PIN or bank accounts

If you receive an email, or other contact, asking you to debit card number, validity, PINs or access codes, do not under any circumstances disclose the requested information.

Luottokunta, banks, merchants, government or an international card associations (Visa and MasterCard), no link with the need to inquire about the cardholder data. Information is personal, rather than the cardholder will not disclose them to anyone.

Grand Master

Fourjays Veteran

Posted
  • Veteran
Posted

Wow, this is serious. I've had a lot of fraudulent usage of my debit cards online so I'm used to checking, but still... :/ Will probably resort to using the cards in the future too and reduce what information PSN (and others) have in the future, just to be safe.

I think people here should try to remember that this is extremely serious for PSN users and not something to laugh about, not to mention all the "it is Sony's fault", "it isn't encrypted", etc comments which are mere speculation and scaremongering from the usual anti-Sony crowd. The only ones to blame at the moment are the hackers.

ANY system on the Internet can be compromised. Regardless of who makes it, uses it, runs it, whether it is encrypted, etc. So before you make a "Sony sux, Xbox rules, lulz it is fun to hate Sony and Google" type comment you may want to consider that next week it could just as easily be Microsoft. Worst still, in a few years when they've successfully got all your data "on the cloud" (our systems just aren't ready for it, IMO - there were some massive email thefts a week or two ago as well, and wasn't a bank compromised recently too?).

There is literally no such thing as a 100% secure system. Even if Sony employed every reasonable way of keeping the data secure, there is still a decent chance of it being compromised. Nothing in online security is as simple as "just encrypt it", and you also have the human factor (the best security systems in the world are useless if someone with access is not trustworthy).

There are simply so many possible things that could contribute to a security breach of this scale that no one here could possibly know what caused it or who exactly is to blame. This is such a massive breach though that we are bound to find out eventually via the inevitable government investigations and/or lawsuits. If Sony are to blame I am sure they will pay for it dearly, and I will give them stick too, but at the moment we just don't know.

I just hope this will serve as a valuable lesson to other companies before we have some even more serious breaches with this cloud nonsense.

Grand Master

Singh400

Posted
Posted

ANY system on the Internet can be compromised. Regardless of who makes it, uses it, runs it, whether it is encrypted, etc. So before you make a "Sony sux, Xbox rules, lulz it is fun to hate Sony and Google" type comment you may want to consider that next week it could just as easily be Microsoft. Worst still, in a few years when they've successfully got all your data "on the cloud" (our systems just aren't ready for it, IMO - there were some massive email thefts a week or two ago as well, and wasn't a bank compromised recently too?).

There is literally no such thing as a 100% secure system. Even if Sony employed every reasonable way of keeping the data secure, there is still a decent chance of it being compromised. Nothing in online security is as simple as "just encrypt it", and you also have the human factor (the best security systems in the world are useless if someone with access is not trustworthy).

While I agree any system can be comprised. However, Sony's current security equated to a 1980s 80yr police man with a flashlight sitting at a desk. Their entire security practice was terrible. Even if the hackers did get into the PSN Dev network to unban their consoles, why were our details stored in the same place? Why not on a different differently secured database?

If this wasn't bought to light now, you can be damn sure Sony would be keeping our data as it was - completely unsecure. And you know it wouldn't have been long before someone with real skill to get in and out of the system without getting caught.

Grand Master

+Audioboxer Subscriber²

Posted
  • Subscriber²
Posted

Wow, this is serious. I've had a lot of fraudulent usage of my debit cards online so I'm used to checking, but still... :/ Will probably resort to using the cards in the future too and reduce what information PSN (and others) have in the future, just to be safe.

I think people here should try to remember that this is extremely serious for PSN users and not something to laugh about, not to mention all the "it is Sony's fault", "it isn't encrypted", etc comments which are mere speculation and scaremongering from the usual anti-Sony crowd. The only ones to blame at the moment are the hackers.

ANY system on the Internet can be compromised. Regardless of who makes it, uses it, runs it, whether it is encrypted, etc. So before you make a "Sony sux, Xbox rules, lulz it is fun to hate Sony and Google" type comment you may want to consider that next week it could just as easily be Microsoft. Worst still, in a few years when they've successfully got all your data "on the cloud" (our systems just aren't ready for it, IMO - there were some massive email thefts a week or two ago as well, and wasn't a bank compromised recently too?).

There is literally no such thing as a 100% secure system. Even if Sony employed every reasonable way of keeping the data secure, there is still a decent chance of it being compromised. Nothing in online security is as simple as "just encrypt it", and you also have the human factor (the best security systems in the world are useless if someone with access is not trustworthy).

There are simply so many possible things that could contribute to a security breach of this scale that no one here could possibly know what caused it or who exactly is to blame. This is such a massive breach though that we are bound to find out eventually via the inevitable government investigations and/or lawsuits. If Sony are to blame I am sure they will pay for it dearly, and I will give them stick too, but at the moment we just don't know.

I just hope this will serve as a valuable lesson to other companies before we have some even more serious breaches with this cloud nonsense.

I hope this encourages people to use sites like lastpass. None of my passwords are the same any more.

I've been hacked in WoW which led to Gmail telling me my email had been accessed from China (same password on both). So lucky they hadn't changed my email password in time.

Then there was actual fraud on my visa debit which my bank caught due to the ShopTo leak.

Lastly most spam emails I get actually know my full name and some other surprising details at times.

Its quite scary at times :-(

Hope this is all tidied up by the end of the week.

Grand Master

Fourjays Veteran

Posted
  • Veteran
Posted

While I agree any system can be comprised. However, Sony's current security equated to a 1980s 80yr police man with a flashlight sitting at a desk. Their entire security practice was terrible.

Source? If Sony are doing it though you can guarantee many other companies are just as lax.

Even if the hackers did get into the PSN Dev network to unban their consoles, why were our details stored in the same place? Why not on a different differently secured database?

From what I read yesterday it did sound rather odd regards the developers consoles. My understanding is that they managed to make their regular PS3's report themselves as a dev console, which gave them all kinds of access and powers? If I was in charge of such a system, the developer consoles would be on a separate network (for debugging purposes this may not be possible though), have to use a developer-only PSN account (given out only by Sony) or be prompted for a second developer id/passcode login (in addition to regular PSN, again given out by Sony).

It really depends on what kind of access developers need to things, but I'm surprised (assuming what I read was correct) it is as simple as "Hi, I'm a dev PS3", "Ok, here's the dev access." :blink: As a web developer, I have learnt that you never trust any data provided. It always needs verifying.

Veteran

Vandalsquad

Posted
Posted

From what I have read and understand the dev machines had way more access then they should of instead of just being sand boxed like the 360 machines, as for credit card information and personal information. I have no idea why that was even on the same level, same machines at all. Hopefully the credit card information is fine and under 256 bit encryption like MS and any other normal business that needs to store that information so the customers shouldn't be hurt.

If they did store it in plain text but I have no face for what type of I.T department they are running over there.

7th day of down time over easter, at least PS users can look forward to the freebie classic or 2 when its finally up...

Grand Master

DukeEsquire

Posted
Posted

Just to put it into perspective with all the people freaking out about this:

Identity theft happens on a daily basis with large corporations.

Here is just a sampling from 2010 from the Maryland AG's office.

http://www.oag.state.md.us/idtheft/breachNotices2010.htm

You have Fortune 500 companies, Universities, even a few credit reporting companies losing your Credit Card numbers, Pin #'s and SSN.

In fact, in some states like Kentucky, if your data is leaked, the company does not need to inform you of the leak.

Grand Master

BajiRav

Posted
Posted

Just to put it into perspective with all the people freaking out about this:

Identity theft happens on a daily basis with large corporations.

Here is just a sampling from 2010 from the Maryland AG's office.

http://www.oag.state.md.us/idtheft/breachNotices2010.htm

You have Fortune 500 companies, Universities, even a few credit reporting companies losing your Credit Card numbers, Pin #'s and SSN.

In fact, in some states like Kentucky, if your data is leaked, the company does not need to inform you of the leak.

how does that justify this? If they had a decent system in place and still got hacked they it'd have been understandable...as of now - this just seems a giant cluster****. (this is assuming that unsecured dev. network caused the whole mess)

Grand Master

Kreuger

Posted
Posted
This could very well be the end of PS3.. I don't see myself using anything from them after this.. at least not buying anything online or doing anything online with them which is really the death of their service.
Cause you know, no online service has ever been hacked and had their information stolen before (including credit cards and other personal which could lead to idenity fraud). If you thought Sony was immune or any other company, you're sadly mistaken.
Grand Master

+Audioboxer Subscriber²

Posted
  • Subscriber²
Posted

Just to put it into perspective with all the people freaking out about this:

Identity theft happens on a daily basis with large corporations.

Here is just a sampling from 2010 from the Maryland AG's office.

http://www.oag.state.md.us/idtheft/breachNotices2010.htm

You have Fortune 500 companies, Universities, even a few credit reporting companies losing your Credit Card numbers, Pin #'s and SSN.

In fact, in some states like Kentucky, if your data is leaked, the company does not need to inform you of the leak.

Won't make many people feel better, just maybe shock a little (you don't tend to hear too much about these things unless it's huge corporations).

Fear has already won the battle, mass hysteria, boycotts, promises to never use PSN/PS3 again, ideas of selling whole PS3 collection and rebuying with competitor, etc.

The only cure is 6-12 months of time passing with no indisputable evidence of any information being used - Right now it's not even confirmed about the CC details, but people will cancel/change due to fear. There has been no proof of any information being used fraudulently, if it stays like that for an extended period of time and we have a more secure network, it'll be back to normal business in a few months.

Everyone in the UK was going to boycott ShopTo and it's demise was predicted for leaking CC details - Something fraud came about from, I got hit and so did a few other Neowinians. Our banks caught the fraud fine though - I was phoned about transactions that had been put on hold due to fraud queries. Since then ShopTo's security has been fine, I've used the site again and it's hardly came to any demise.

Grand Master

Massiveterra

Posted
Posted

The reason everyone is freaking out is because this affects 77 million people. Yes, hacking occurs every day. Yes Apple and MS was hacked in the past. But this is 77 million people were talking about.

Stop blaming Sony on this? Lack of communication and gaping security holes isn't their fault at all. /sarcasm

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Qualcomm's new Snapdragon Reality Elite chip brings on-device AI to Android XR devices

      By pradeepviswav · Posted

      Qualcomm's new Snapdragon Reality Elite chip brings on-device AI to Android XR devices by Pradeep Viswanathan Qualcomm has been delivering dedicated SoCs for mixed reality and spatial computing devices for several years. The journey started with the Snapdragon XR1, followed by the Snapdragon XR2 in 2019, the Snapdragon XR2 Gen 2 in September 2023, and finally the Snapdragon XR2+ Gen 2 in 2024. Today, Qualcomm announced a major upgrade with the new Snapdragon Reality Elite Platform, which targets premium mixed reality and spatial computing devices. OEMs can use this SoC to power both all-in-one video-see-through headsets and lightweight, tethered optical-see-through glasses. Qualcomm highlighted that the Snapdragon Reality Elite will power the next wave of Android XR devices coming later this year. These wearables will offer better visuals, improved power efficiency, and deeper on-device AI integration compared to the previous generation. The Snapdragon Reality Elite can deliver up to 48 TOPS of AI performance, allowing large language models and large vision models to run directly on the device for the first time. In addition to enabling new spatial AI experiences, these new AI capabilities will improve head and hand tracking, as well as see-through features. On the performance side, the Snapdragon Reality Elite offers up to 60% higher GPU performance, up to 30% higher CPU performance, and up to 160% higher NPU performance compared to the previous generation. The platform supports visuals of up to 4.4K per eye at 90 frames per second for sharper images and smoother motion. Qualcomm is also claiming significant efficiency improvements. The Snapdragon Reality Elite can offer up to 20% longer battery life under the same workload. More importantly, the chipset can run up to 12 degrees Celsius cooler under load, making headsets more comfortable for users to wear for longer periods. The platform also includes improvements to video see-through, featuring lower latency and better image quality. Qualcomm states that its EVA hardware block helps accelerate demanding computer vision workloads, improving how digital content blends with the real world.
    • Report: Microsoft to use AWS to help GitHub deal with a major surge in demand

      By Nas · Posted

      Umm... GitHub continues to use AWS. That's the story, that's the headline. There's no "new" news here. GitHub continues to require additional capacity beyond the originally-planned Azure allocations. There's nothing special about this; nothing noteworthy. They're still using AWS' infra until the cutover is complete.
    • what other retro software do yall use

      By goretsky · Posted

      Hello, Also known for https://www.theguardian.com/technology/2009/jan/29/adware-internet.   Regards, Aryeh Goretsky    
    • You pay just $100 per TB with this rare 4TB PCIe Gen4 NVMe SSD deal

      By goretsky · Posted

      Hello, I have used a few TEAM Group SSDs, USB flash drives, and Micro SDXC cards in the past. They all seemed to work fine. Regards, Aryeh Goretsky
    • You pay just $100 per TB with this rare 4TB PCIe Gen4 NVMe SSD deal

      By vjlex · Posted

      "just $100 per TB"? Just? Are we trying to make this seem like the new normal? Kinda weird to make it sound like that is not a ridiculously expensive asking price.

  • Recent Achievements

    • Collaborator
      vjlex earned a badge
      Collaborator
    • Reacting Well
      Dys Topia earned a badge
      Reacting Well
    • Conversation Starter
      NovaEdgeX earned a badge
      Conversation Starter
    • One Year In
      Console General earned a badge
      One Year In
    • Week One Done
      Twozo Technologies earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      517
    2. 2
      +Edouard
      182
    3. 3
      PsYcHoKiLLa
      106
    4. 4
      Steven P.
      88
    5. 5
      ATLien_0
      68
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!