PDA

View Full Version : Sony :facepalm:


Mary Cherry.
Apr 26th, 2011, 11:14 PM
http://www.bbc.co.uk/news/technology-13192359

Sony has warned users of its PlayStation Network that their personal information, including credit card details, may have been stolen.

The company said that the data might have fallen into the hands of an "unauthorised person" following a hacking attack on its online service.

Access to the network was suspended last Wednesday, but Sony has only now revealed details of what happened.

Users are being warned to look out for attempted telephone and e-mail scams.

In a statement posted on the official PlayStation blog (http://blog.eu.playstation.com/), Nick Caplin, the company's head of communications for Europe, said: "We have discovered that between April 17 and April 19 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network".

The blog posting lists the personal information that Sony believes has been taken.

Name
Address (city, state/province, zip or postal code)
Country
E-mail address
Date of birth
PlayStation Network/Qriocity passwords and login
Handle/PSN online ID

Mr Caplin added: "It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained.

"For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information."

Credit cards

Sony admitted that credit card information, used to purchase games, films and music, may also have been stolen.

"While there is no evidence that credit card data was taken at this time, we cannot rule out the possibility," Mr Caplin said.

"If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may also have been obtained."

Sony has not given any indication of how many PlayStation Network users may have had their information taken, but the service has around 70 million members worldwide.

'PR Disaster'

The theft of so much detailed customer data would be seen as a "public relations disaster", according to Graham Cluley, senior technology consultant at security firm Sophos.

"This is a big one," he told BBC News.

"The PlayStation Network is a real consumer product. It is in lots of homes all over the world.

"The impact of this could be much greater than your typical internet hack."

Mr Cluley warned that, even without credit card details, the information taken was enough to help criminals carry out further attacks on other services.

"Some people will use the same passwords on other sites. If I was a hacker right now, I would be taking those e-mail addresses and trying those passwords," he said.

User anger

PlayStation users got their first indication that something was wrong with the service when it became unavailable on Wednesday 20 April.

In the following days, Sony issued three brief statements asking users to be patient while it investigated an "external intrusion", or hack.

However, the fact that it took almost seven days for the company to reveal that data had been taken has angered some gamers.

Commenting on the Sony blog, Tacotaskforce wrote: "You waited a week to tell us our personal information was compromised? That should have been said last Thursday."

Another user Sid4peeps wrote: "This update is about 6 days late. I think it is time to move to the other network, no regard for customers here."

But some PlayStation users appeared to be happy with Sony's handling of the matter. Ejsponge61 commented: "Wow, this is alot of info. Thanks, this is very much appreciated by all of us PlayStation fans."

The Sony PlayStation Network remains unavailable to users. The company has not said when service will be restored.

BuTtErFrEnA
Apr 27th, 2011, 12:03 AM
sigh....at least they caught it?

Frode
Apr 27th, 2011, 01:03 AM
6 days to late................:rolleyes:

Mary Cherry.
Apr 27th, 2011, 01:15 AM
6 days to late................:rolleyes:

I know it's been down 6 days, but they only just revealed the scale of the fuck up.

Frode
Apr 27th, 2011, 03:10 AM
I know it's been down 6 days, but they only just revealed the scale of the fuck up.

I wasn't talking about Your post:)

But Sony, who waited more then 6 days to tell me that my personal information have been compromised:o

Edit: Sony are now saying this


I wanted to take this opportunity to clarify a point and answer one of the most frequently asked questions today.
There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident. It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.
For those who were looking there’s also an FAQ with some more frequently asked questions (http://us.playstation.com/support/answer/index.htm?a_id=2356)
Thank you for your continued patience and support


Doesn't make me feel any better:o

Betten
Apr 27th, 2011, 07:46 AM
The blog posting lists the personal information that Sony believes has been taken.

Name
Address (city, state/province, zip or postal code)
Country
E-mail address
Date of birth
PlayStation Network/Qriocity passwords and login
Handle/PSN online ID


Maybe they were just really, really curious about Obama's birth certificate? :lol:

But seriously, big mess-up by Sony. First they didn't adequately protect their service, and then they are stingy (and late!) with information about what has exactly happened. I don't think anyone will be seriously affected by this, but it certainly doesn't do much for Sony's already tarnished image.

gorecki
Apr 27th, 2011, 01:44 PM
:(

Sharapovian
Apr 27th, 2011, 02:07 PM
Great :o so personal info may have been compromised.

Noctis
Apr 27th, 2011, 09:57 PM
Frode were you on at that time?:sad:
I didnt sign on for since the 17th .am i safe? :scared: I don't want to log on I just brought Yakuza 4 and want to try it out .

Frode
Apr 27th, 2011, 10:26 PM
Frode were you on at that time?:sad:
I didnt sign on for since the 17th .am i safe? :scared: I don't want to log on I just brought Yakuza 4 and want to try it out .

You can't logg on, PSN is down.
But You can play games offline, there is no danger in that:)

Nobody is safe here, doesn't mather if You were online or not at the time.
The situation is the same for everybody with a PSN account.

You might wanna read this.

http://www.psu.com/UK-PSN-guide-to-identity-theft-and-what-to-do-if-you-suspect-fraudulent-activity--a011461-p0.php

Noctis
Apr 27th, 2011, 10:38 PM
Oh what a mess :o. Its bad enough that it always lags when I go online. Sony better pay us back.
I am going to change my password. Thank God I failed to register My credit card before and just fund the account with sony vouncher to dl games and trailers.

Did you get anything hacked or failed to do something?

people is saying the hackers are chinese/russians :rolleyes:

Also read something interesting about God of war 4 :hearts::hearts.

Frode
Apr 27th, 2011, 10:59 PM
Oh what a mess :o. Its bad enough that it always lags when I go online. Sony better pay us back.
I am going to change my password. Thank God I failed to register My credit card before and just fund the account with sony vouncher to dl games and trailers.

Did you get anything hacked or failed to do something?

people is saying the hackers are chinese/russians :rolleyes:

Also read something interesting about God of war 4 :hearts::hearts.

We all did. It was Sony who got hacked;)
If You use the same password for any other sites, remember to change them there also;)

But like I said, You can still play offline:)

Noctis
Apr 27th, 2011, 11:05 PM
I read on Metro it's suppose to be back on today.but after this no one can trust Sony now :rolleyes:

Frode
Apr 27th, 2011, 11:16 PM
I read on Metro it's suppose to be back on today.but after this no one can trust Sony now :rolleyes:

Trust is indeed the key word here. Sony are gonna feel the effects of this for a long time.

I doubt they wil be back today allready, but we can hope:)

Noctis
Apr 28th, 2011, 01:16 AM
Valued PlayStation Network/Qriocity Customer:

We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:

1) Temporarily turned off PlayStation Network and Qriocity services;

2) Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and

3) Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence that credit card data was taken at this time, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security, tax identification or similar number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit or similar types of reports.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at www.eu.playstation.com/psnoutage should you have any additional questions.

their reaction is slow,only got this today.

gorecki
Apr 28th, 2011, 03:46 AM
Nothing is safe online anymore...
http://sg.news.yahoo.com/apple-denies-iphones-store-user-location-132835921.html

Mary Cherry.
Apr 28th, 2011, 10:04 PM
Some slightly better news, apparently our credit card details were encrypted:

http://www.bbc.co.uk/news/technology-13231307


But I'm still considering buying an Xbox instead.