Warning: User Information On PlayStation Network Compromised

By Ishaan . April 26, 2011 . 4:06pm

As you may or may not have heard, Sony’s PlayStation Network has been compromised through illegal intrusion by an external entity that has managed to acquire user information stored in PlayStation Network accounts.

 

What this means is that, if you have an account on the PlayStation Network, the following information pertaining to you is now viewable by this entity: name, address (city, state, zip), country, e-mail address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID.

 

Information pertaining to your profile data, purchase history and password security answers, too, is at risk, and so is your credit card information if your PlayStation Network account has access to it.

 

In response to the intrusion, Sony have temporarily shut down the PlayStation Network while they attempt to rebuild their backend to enhance security. They hope to have certain services restored within a week.

 

U.S. residents can learn more about the situation and preventing credit card theft here. Additionally, some of the common questions pertaining to the situation have been answered on the European PlayStation blog. Provided you have a PSN account, you can also expect an e-mail report from Sony in the near future.


Read more stories about & & on Siliconera.

  • http://tristsantithesis.tumblr.com/ Tsunayoshi Sawada

    Anyway, terrible indeed that it happened. In my cast, fortunately that card I have on file is but one of several and is about to expire, so I will just remain vigilant in checking though it was a risk that was agreed to in the Terms of Use. We need better innovations in the security information systems, we are yet to the day where there is an impervious attack resilient network.

    • shy_mel

      While we did agree to the terms I could have sworn I’ve read online that Terms of Service/Use don’t hold up well in courts (in case someone wants to sue Sony for this). Especially in Europe.

  • http://brettchalupa.com/ Brett Chalupa

    I wish I knew if the data compromised was just currently attached credit card information or simply all used credit cards.

    It would also be great if I could log in to my PSN account to change the password.

    I just really am disappointed with how Sony is handling this.

    • Exkaiser

      I don’t really see what Sony could do to handle this situation better.

      They’ve shut down the service so that no one can access it. If they turn it back on so that people can change their passwords before they finish upgrading their backend, then they’ll be opening it back up to further hacking. That wouldn’t really be intelligent.

      You can change your password immediately when the service resumes.

      • http://tristsantithesis.tumblr.com/ Tsunayoshi Sawada

        I guess people wanted an email the exact second it went down on April 19th, was it, saying that there was an external intrusion and data (that they dont know) could be compromised? I thought the blog indicated it, actually I dont think I had any concerns with how they handled it, in other cases of security intrusions, people find out days late when the bank sends a letter or the grocery store or hear it on the local news and when they have hard facts of what was taken.

        • http://brettchalupa.com/ Brett Chalupa

          Not everyone reads the blog, and not everyone who uses PSN may be using different forms of social media. When there is an attack on over 77 million people’s sensitive information, it is important that Sony lets those people know.

          The benefit of this digital era is that Sony could have hit many different avenues and outlets to help inform their customers. They did not. They had a poorly informed blog post that left the public guessing what could possibly be wrong. It wasn’t until days later that they updated the blog post about an intrusion. It wasn’t until yesterday that they explained some information was accessed and some may have been lost. That isn’t okay, especially in a blog post and on their site.

          Emails should have been sent to alert their users immediately, even if vague and unsure of the details. I would rather be updated and vague than waiting a week to get kind of told what kind of happened.

          • http://tristsantithesis.tumblr.com/ Tsunayoshi Sawada

            Well I think their frequently asked questions and phone line does a great job of explaining why it took them time to report it. We should be glad they reported it now even though they are still unsure if credit card information was definitely obtained.

          • http://brettchalupa.com/ Brett Chalupa

            In a situation where a company loses personal information and possibly even credit cards, it is their responsibility to reach out to their customers to let them know that there has been a problem.

            I know they are sending emails out, but a week later is simply unacceptable.

            They probably are deciding to send them out now, even without knowing if credit card information was definitely obtained, because the investigation will take some time.

            I am glad they are taking some action, but it still doesn’t reflect the poor handling of the situation the first week of the incident. Especially when that first week was when a lot of people who were informed were upset and jumping to a lot of conclusions.

          • http://tristsantithesis.tumblr.com/ Tsunayoshi Sawada

            @Brett Chalupa If they knew last week what was definitely taken then why would they have called in an outside security firm? Maybe they couldnt even recreate how the people got in and what they even had access too? I think theres too many unstated and probably questions that cant be answered publically to fully be angry that we werent told of our credit information being in crisis the exact second the network was taken offline. I can not recall the last time any company reported to their consumers the exact second the information breach occured…

          • http://twitter.com/Paradox_me Paradox me

            They would still hire a security firm to learn all that they could about how it happened, who exactly did it and how they could prevent it in the future.

            Besides, there’s a big difference between “the exact second” as you keep putting it, and a whole six days.

      • malek86

        “I don’t really see what Sony could do to handle this situation better.”

        Perhaps not waiting six days to tell me my info could have been compromised.

      • http://brettchalupa.com/ Brett Chalupa

        Sony could have done a lot of things to handle this situation better. This isn’t a matter of handling it by shutting off the servers. That isn’t the only problem here. The problem is how Sony is handling it after they shut down the servers. They are poorly handling how they are telling the public. Better late and correct is better than immediately and a maybe, but it has been a week until they released that information was leaked. They aren’t even sure about credit cards or some other information. They haven’t said what they are going to do other than rebuild the network security. Well it’s been a service up for almost five years now, what else are they going to do differently than before? And if they are going to do it differently, why wasn’t it implemented throughout those five years? When a company takes the responsibility of saying they are securely handling your information and providing a service somewhat dependent on that, they need to be the ones constantly updating their security measures and protecting that information. Not only that, who didn’t see this coming? There has been tons of news surrounding possible poor execution of Sony’s servers and online data storage, the fact that it got this bad is embarrassing.

        Logging in would be great so I can see what information I even have stored, since there is no way at all for me to know, as I don’t remember. I understand why I can’t, I get that. But that doesn’t mean that I still wouldn’t like to be able to log in and see that information.

        Thanks for the advice on when I can change it.

    • http://pulse.yahoo.com/_P5I5ZDAC5VTHUOOLMEGGS7S2MY Shinsu Yokoshimi

      How is it disappointing?

      If this “Entity” was logical and smart enough to do all of this to something as big as SONY, what chance in hell would changing your password have in protecting your information? The “Entity” would simply break through that little gameboy defense attempt and continue its course.

      That’s like Godzilla tearing through your city’s main line of defense, and with a poor quick plan to save your city, you send out a small legion of tanks to stop the monster. Its not going to slow Godzilla down, it’ll just be a worthless obstacle that he’ll send to oblivion in a minute or two.

      What SONY is doing is very logical and reasonable, cut off the direct passage way for the Entity to gain information. This will keep his rampage at bay long enough for a more proper and more structured service security to be developed to protect the PS3 consumers. Hopefully this service will be strong enough to last til SONY comes up with something more stronger. While at the same time, try to find out the true face (or faces) behind this chaos.

      Besides, shutting down the servers will also help keep new PS3 buyer’s from suffering all this.

      • http://brettchalupa.com/ Brett Chalupa

        I am disappointed in the way Sony is handling the situation in the terms of PR. I understand the servers had to be shut down. I don’t understand why they are being vague with the information they store, how they store it, and what could have possibly been accessed. For example, is it only currently attached credit card information, all previous used credit card information, or what?

        It is not okay to wait a week to make a large press release stating that credit cards MAY have been stolen. It’s unacceptable to possibly lose 77 million people’s person information. I know there is no full-proof security. I know that there is always the possibility of losing sensitive information that is stored digitally. That doesn’t make it acceptable though.

      • Darkrise

        “While at the same time, try to find out the true face(or faces) behind this chaos”

        Smith. Agent Smith.

  • https://twitter.com/#!/SplashdownTiger STiger

    I’m not worried. Google Maps can’t even pinpoint my house (I’ve told them like three times that they’ve mislabeled my address) and my bank will freeze my card when they detect suspicious activity (it’s happened before). Besides, what’s a hacker going to do with SIX DOLLARS?

    • Apache_Chief

      Eat like a king. At Burger King.

      • https://twitter.com/#!/SplashdownTiger STiger

        If he’s got bad taste in fastfood, then okay.

        • [The Hunter] Doomrider

          Is there such a thing as “good taste” when it comes to fast food?

          • https://twitter.com/#!/SplashdownTiger STiger

            Wendy’s and Chik-fil-A. Mostly Wendy’s chicken stuff.

            Also Jimmy John’s. ‘Cause it’s literally fast (in both terms of how fast the food is made and delivery).

          • [The Hunter] Doomrider

            Sucks being an European… I don’t even know “Jimmy John’s” and “Chik-fil-A” xD

          • shy_mel

            You have good taste. I don’t know if the hackers could even buy a combo at Chick-fil-a with six dollars though.

          • Suicunesol

            Where I come from, we have something called “In N’ Out Burger”.

          • http://tristsantithesis.tumblr.com/ Tsunayoshi Sawada

            west coast aye?

    • Exkaiser

      Six double-cheeseburgers from McDonald’s?

      Actually, I think on my end the card currently attached to my PSN account is a Visa Gift Card with two dollars on it.

      • [The Hunter] Doomrider

        Man, I’m hungry.

      • https://twitter.com/#!/SplashdownTiger STiger

        What is with people and this bad taste in fastfood?!

        • Exkaiser

          Well, if you’re going to steal people’s money, you probably don’t have a lot of taste yourself.

          I don’t eat fast food, myself. Nasty stuff.

          • https://twitter.com/#!/SplashdownTiger STiger

            I only eat fastfood ’cause I’m of the “poor college student” demographic. ;[

          • Exkaiser

            It’s a lot cheaper to cook your own food, man.

            I’m a “poor college student,” too, and you save a lot of money if you just never eat out.

          • http://www.youtube.com/user/EnvyMizuhashi Garyuu

            Guess your college sucks at giving students credits and dining dollars so they can get free food. Combine all that with food stamps, and you got all the money you need. ;)

          • https://twitter.com/#!/SplashdownTiger STiger

            Not when you’re away from home for 13 hours a day.

          • Exkaiser

            I’m away from my dorm for thirteen hours a day, too.

    • http://www.youtube.com/user/EnvyMizuhashi Garyuu

      Smelling like Old Spice and not a lady.

  • vadde939

    Oh dear this sounds bad. Glad I don’t use the PSN.

  • http://thrust-the-sky.deviantart.com/ WildArms

    Darn, lol, i dare them to come to my country, freaking hax0rz….

    This is crazy, i finally convinced my dad to use a credit card he had registered on the US to buy Arcana Hearts 3, and this happens, did some gaming world angel protected my funds!?, and darn, poor Aksys :( . i really hope nothing bad happens, to the users, including myself of course.

  • http://www.youtube.com/user/xxHiryuuxx Hiryuu

    Wow, that’s some interesting things that Play-Asia randomly generated.
    “GARBAGE HTML HERE” for only 77.90!

    As for the actual situation itself, if it boils into a whole bunch of people getting their information shot, there will be hell for Sony in the form of a class action lawsuit, you can guarantee it. I’m surprised there wasn’t one that went through after the Linux controversy which has now stemmed into this.

    I mean I like my PS3, don’t get me wrong, but damn if Sony isn’t stupid in a lot of things business related anymore.

    • http://www.facebook.com/strawberry.kurosaki William Hsia

      there was one about the whole linux thing, if i remember sony lost that one and payed like a couple of mil i think

  • Code

    rar, have to watch my PSN/Information carefully T_T; rough times ahoy~!

  • BadenBadenPrinny

    Why is the corporate side of Sony so retarded, why can’t it be awesome like the games they come out with.

  • PrinceHeir

    well im just glad i use fake information and PSN cards for purchasing.

    but kinda sucks for those who use credit cards, damn these hackers, why are you ruining fun? i plan to buy Dino Crisis 2, Aracna Heart 3 then PSN comes down.

    hope they sort this out, im also worried about Parasite Eve II being delayed(hope that’s not the case)

    fix this sony and fast

    • AnimusVox

      I want to buy ‘Vagrant Story’
      :’{

  • http://www.facebook.com/people/Ruby-Jane-Santos/1564798315 Ruby Jane Santos

    Dang, that’s too bad for us players. It’s actually a matter of time when the PSN will get attacked by the hackers… maybe Xbox will be next? lol. kidding. but That’s why you use PSN cards and don’t rely on credit cards that can be easily compromised and it doesn’t concern me as much coz I don’t play online.

  • http://www.facebook.com/strawberry.kurosaki William Hsia

    ugh, this sucks beyond all reason, but people really need to stop bitching about how sonys handling it, it getting quite annoying how many people are calling out without understanding

    • http://twitter.com/Paradox_me Paradox me

      They kept us in the dark, finally revealing a week later that private information for their millions of users may have been compromised. It’s nice that they shut down PSN to prevent any further damage, but they could have handled the most important aspect of the whole situation much better.

    • http://nisemonokami.deviantart.com/ NiseKami

      Yeah but Sony should have told us the first day they closed PSN…

      • http://tristsantithesis.tumblr.com/ Tsunayoshi Sawada

        I dont think they would be able to figure out what or if any information was being taken that evening it was taken down. What if the security firm revealed no information was taken after they alerted people and it was a hardware error? Causing panic is still not ideal.

        • http://nisemonokami.deviantart.com/ NiseKami

          So you’re saying letting a hacker in the server and not telling anyone is okay.

          • http://tristsantithesis.tumblr.com/ Tsunayoshi Sawada

            I mean, if we track the updates, external intrusion wasnt revealed until April 22, we can only assume that prior to that, investigation was conducted to make sure that was the case. I dont see where they didnt tell anyone that it had been intruded by an external source was made. I dont think things are reported until there is confirmation. I dont think its logical to assume that, when I was last on PS3 at midnight last week, for them to send an email saying there is hacker with information to back it up.

            Oh well, since they are a proprietary for profit company we will never know unless someone takes them to court, though what can they be taken to court for since we waived the right away in the terms of service…

          • http://nisemonokami.deviantart.com/ NiseKami

            Q.1 When did you realise the system had been intruded?

            We discovered between April 17 and April 19 there was an illegal and unauthorized intrusion into our network.

            But you’re so right on the ToS matter…

  • http://nisemonokami.deviantart.com/ NiseKami

    The cons of online gaming.

  • godmars

    So, correct me if I’m wrong, but didn’t all this crap start because of PS3 owners rights?

    Way to go Geohot and Anon! May you be sent to jail and put in with the general population, and may your bunkmate call you his wife of many years who has earned him many cigarettes.

    • [The Hunter] Doomrider

      AnonOps has already denied responsibility and we’re talking about Sony’s servers here, not exactly jailbreaking a PS3…

      • http://tristsantithesis.tumblr.com/ Tsunayoshi Sawada

        Surely a jailbroken PS3 could access the PSN and carry out data mining?

        • [The Hunter] Doomrider

          And because someone decides to hack the PSN servers, Geohot should be held responsible?

          Disclaimer: I do not support Geohot’s actions etc. etc. etc.

          • http://pulse.yahoo.com/_CADAUIV2NR5TCIQFQSQO2KU55Q Adam

            Amen to that

          • http://www.youtube.com/user/EnvyMizuhashi Garyuu

            Geohot confessed, so it comes to speculation that “some” portion of Anonymous didn’t like it.

          • [The Hunter] Doomrider

            What did Geohot confess?

          • http://www.youtube.com/user/EnvyMizuhashi Garyuu

            That his methods were indeed piracy and that he will share information to breach security. Either that, or all of his stuff was confiscated. Don’t remember.

            http://blog.machinima.com/insidegaming/2011/04/11/geohot-lawsuit-settled/

          • [The Hunter] Doomrider

            Aaah, the lawsuit thing, yeah. I thought you were saying he confessed that this was his responsibility or something, my bad!

        • Tatsuya1221

          Not really likely, this isn’t the same as tricking psn to think you have money in your wallet, whoever did this hacked the actual psn servers, which isn’t really related to the cfw directly.

          This is most likely a separate hacking situation.

      • http://honorless.net honorless

        Precisely.

        99% chance that this was a concerted attack by a group of career criminals who have a lot of experience with data theft, and who intend to sell the information on the black market. That is not characteristic of “Anonymous”.

      • godmars

        Still, you’re likely still talking about someone using Anon’s work, maybe even working from inside the group exploiting shared information. That’s the darkside of working anonymously: you don’t know who you’re really working with.

        They’re going to take as big a hit in public reputation as Sony is. Wont have as much of a chance to fix the damage. If any.

        • [The Hunter] Doomrider

          Just like honorless pointed out, this is not Anon’s M.O. and I’m sure DDoSing the PSN servers wouldn’t get them any info at all. Even so, considering there’s no factual information as to the identity of the hacker(s)/cracker(s), it’s understandable people will think of Anon first, what with their recent threats towards Sony and all.

          What you and Garyuu suggest is a possibility, though. I just don’t see it being true myself. I hope we find out who the culprit is, Anons or not.

          Yes, this is a major disaster for Sony and it’s getting a LOT of media coverage. As it should. It’s one of the biggest data breaches in recent memory.

          • http://twitter.com/Xuiz enorka miho

            yea.. they started all this… the anonymous group… even its not them.. it doesn’t matter.. they created the chance for those identity theft to exploit their codes… if they hadn’t created it in the first place… then this event would not have happened!!

      • Exand

        Except the way the intruders got access into Sony’s dev network was through a jailbreaked (jailbroken?) PS3.

        The whole fiasco started when Sony noticed people on their PS3 dev network playing online with their jailbreak PS3′s. That led to them discovering people could setup fake CC’s and steal from the PSN store. Which in turn led them to realizing personal data had been accessed through this back door.

        • [The Hunter] Doomrider

          Indeed, some of that happened, but we don’t know if what is happening now is a consequence of it. Data breaches have happened to a lot of companies before and you don’t need a jailbroken PS3 to do it.

          What’s this about a fake CC setup? I read about people getting into PSN dev to get access to the CoD servers after being banned but I’ve never read anything about that. I think you’re assuming some things here (I’m not referring to the fake CC setup info, just generally). They could be correct assumptions, but we don’t know yet.

          Anyway, it’s starting to sound like I’m trying to defend Anon or Geohot, and that’s not the case. I couldn’t care less about them. I just don’t think people should blame others based on assumptions.

    • http://twitter.com/Buuhan1 Kyle Fedora

      You heard it here first, folks!

      Hacking =/= Rape and Murder

      Seriously, perfectly understandable you’re upset, but these guys don’t deserve such sentences… especially with how crowded jails and prisons already are for the people who really belong there.

      • AdamBoy64

        Well, whether hacking is comparable to rape/murder, depends on the financial loss sustained by the entity as a result of said hacking.

        Unfortunately money speaks loudest in the world.

      • http://www.facebook.com/AllenSmithee Samuel Smithee Bateman

        People who really belong there? I’m sorry, but prisons in both Canada and the US are FULL of asshat kids who smoked a little too much pot. The justice system is bull****, and certainly the over-crowding is not due to people “really [belonging] there”

        although I agree with the rest of what you posted.

        • http://twitter.com/Buuhan1 Kyle Fedora

          That’s actually exactly what I meant by that statement. Stop filling cells with mild law breakers (hackers, potheads, wimpy pimps) that belong to truly evil people.

  • Phoenix_Apollo

    I’m so glad I didn’t use a credit card on my PS3. :D

    • Joanna

      Likewise. I was considering it, but I thought that would make me spend more than I need to so in the end I decided against it. Now I’m happy I did. I just hope what honorless said turns out not to be true. Identity thief is scary. I had all my real info up on PSN. 

  • IceRomancer

    Just another case of a couple of idiots ruining it for everyone. Stupid hackers, get a life!

    • http://pulse.yahoo.com/_CADAUIV2NR5TCIQFQSQO2KU55Q Adam

      Poor lonely 20 year old virgins. That’s all they are dood

      • http://twitter.com/Buuhan1 Kyle Fedora

        They may very well be, but they are also quite smart. Not supporting hackers, but least give them a clap for managing to take such a massive network down. These very same people tend to get hired by important employers and work for the greater good.

        • daizyujin

          Exactly. They obviously had something over Sony.

        • http://thrust-the-sky.deviantart.com/ WildArms

          I dont care how smart they might be, just doing this makes them stupid on my list. I hope they get a job in important companies and leave us alone.

          There is nothing worst in this world that looking for your own happiness by expenses of others.

          Beating a colleague to get a promotion is something, but they are just doing this for fun, or to steal or for fame.

        • Code

          It’s important to realize they didn’t actually take down thye network. Sony themselves did, as a security precaution. The hackers likely were only in it to grab personal information, potentially credit card numbers, or accomplish whatever alternative goal they may have had. Sadly though if there goal was just to take down the PSN via compromising Sony’s consumers personal information, they’ve fundamentally taken advantage of every single gamer on the system; hardly something worth celebrating.

        • http://tristsantithesis.tumblr.com/ Tsunayoshi Sawada

          Who would hire them for infiltrating a network and putting customer data at risk?

          • Code

            Yeah it’s be like hiring pac man to watch over all those delicious dots! We’ve seen him! He has an unquenchable hunger! He’s just trying to get to our dots! *hits pac man with newspaper as he wakkawakka’s away*

          • KyoyaHibari

            It’s a controversial matter considering this person has basically found the loop holes in Sony’s security so in a sense they are helping to improve Sony’s security by pointing out the flaws to them, some people would see this as an opportunity to hire this person so further outbreaks like this can’t happen again. However this person is using very harmful and repulsive methods of infiltrating PSN which is exposing our information and data to the world essentially which is loath-able. That’s how this has proved to be a 2 sided matter, people who aren’t affected by this much or at all even could see this as a potential future statement for improving the PS3′s net security, but those who are deeply affected, (such as myself) are disgusted at this person’s actions and find it highly treasonous whether he is seeking revenge on Sony or making a statement, I despise this hacker and all other hackers for that matter, I hope my information can be un-compromised

    • daizyujin

      This isn’t about getting a life. They wanted your data so they could steal yours. Well your identity anyways.

    • Ren

      Actually, the term you want to use is cracker, from ‘security cracker’. Hackers don’t attack other computers.

  • http://www.myspace.com/effluentrainfall Effluent Rainfall

    Absolutely brilliant.

    • Yui

      I don’t think any of the responses to this statement that I considered would be quite snarky enough to illustrate my feelings about it, so instead I must ask: why?

  • Zero_Destiny

    I’m glad I never used my credit card and stuck to the PSN cards. Seems like Sony did the right thing shutting it down. Glad to see a quick response. ^_^

  • darkfox1

    im not that worried about the information thing. I have not put credit card info on my PSN but the address stuff and email thing might sound bad but, there are millions of people who have a PSN the chances of anyone here getting info stolen or making purchases are very small. If anything does happen to someone somewhere ( I hope it doesn’t) that would be very sad. I also don’t know the whole situation. Is it one person that has all our info? Or is it a group of people?

    • Exkaiser

      No one knows the whole situation. That’s why Sony’s brought in a security company.

  • http://www.facebook.com/profile.php?id=1446063390 Zichri Lui

    That’s lovely.
    It’s not even my credit card, but my parents’. This makes things a whole lot worse, and all I used it for was 3-4 games and some free content.
    I haven’t even talked about this to them yet.
    But there’s no use blaming Sony for this. They’re probably doing the best they can. I’m surprised how many people are blaming it on Sony right now when really those hackers are the only ones to blame.

    • malek86

      I’m more surprised by the people defending Sony. If I agree to give my personal data to a service, it’s because I trust them to keep it safe (mind you, they probably tell you that in the contract too). The moment they screw up for whatever reason and for whoever’s fault, I don’t care who, that trust is cut. They shouldn’t screw up in the first place.

      A couple DoS attacks? Ok, those are unavoidable once in a while. Server overload? Bah, whatever, but try not to make it happen again. Data theft? Sorry but no. That just shouldn’t happen.

      If it were just that “hackers can enter anywhere they like”, nobody should be using online banks… if a bank gets its data stolen, you can be sure people are going to blame them. And rightly so, since they were in charge of all that money.

      • http://tristsantithesis.tumblr.com/ Tsunayoshi Sawada

        I dont know, hasnt it happened to tons of companies, banks, etc; it just something unavoidable. For example every bank in america has had data breached and personal data taken, I wouldnt resort to not using banking services. It shouldnt happen but if people are willing than any security circumvention can be made…They responded appropriately to me so I do not think Sony is untrustworthy, to me at least.

        • malek86

          As a general rule, when a bank gets hacked, that’s a huge blow to their credibility. You can’t tell people “oh sorry, some of your data was stolen, but it was not our fault”. You think people will accept that kind of excuse? They’ll just tell you to get a better security system, and to give them their money back so they can move to another bank.

          If the company moved fast to avoid any damage and reassure every single customer that they are not in any danger, they might just be forgiven… but, six days would be a bit too much for that.

          • http://www.facebook.com/profile.php?id=1446063390 Zichri Lui

            they just found out about the extent of the problem yesterday…

          • malek86

            Maybe, but i don’t believe it at all. Personal data theft was really the only thing that might have made them close down the infrastructure… and it was closed five days ago, so chances are that they actually did know, but thought that maybe they could try and fix the problem by themselves before people called on them. And notice how it took them days just to admit that it was an outside attack. How can I trust them now?

            And even if it were true… wow, it took them six days to know that whoever hacked the system might have also stolen data? That should be the first thing you check.

          • daizyujin

            Not to mention the fact that there would actually be some kind of official investigation by an outside entity. It seems to me that is warranted here especially given how long they took to even notify anybody.

  • amagidyne

    This stuff is really worrying. I’ve blocked my CC and didn’t use my PSN password for anything else, but there’s still something fairly unpleasant about having all your personal data leaked.

    Whoever did this should be shot.

  • http://www.facebook.com/people/Victor-Martinez/1538778861 Victor Martinez

    Yay for only purchasing with game cards.

  • Lordphantomhive

    Yeah this is pretty bad. I glad that at least I didn’t give any credit card info, and just use PSN cards to buy stuff. Hopefully Sony will get to the top of this quick.

  • HarryHodd

    Checked my cc balance. No unusual charges. Safe for now. My cc company is really good about these types of things so i’m not worried.

  • MrSirFeatherFang

    Well I have used my credit card numerous times for the PSN store, but I always delete the “remembering” portion after transferring money to my PSN account.

    However, I’m highly assuming I’m not safe… right? :(

  • kroufonz

    damn this meant i must manage multiple account, change pass etc,

  • hush404

    I’ll be keeping an eye on my credit card statement, just in case…

    Hackers really are making lots of enemies these days.

  • http://pulse.yahoo.com/_IM3T5NHBIM5ODU6GM3ILW64WEQ Saethori

    There exists a certain level of irony that the first time the PSN started going down… was when I was trying to change my account info. So the address, CC info, all that stuff that got compromised… was horribly outdated.

  • http://honorless.net honorless

    I’m wondering how much time elapsed between the security breach and PSN’s shutdown. It’s most likely a coincidence, but my fiancé and I had to contest around $600 in fraudulent charges about eight days before the network went offline…hmm.

    …Regardless of what happened and when it happened, I feel an immense amount of sympathy for anyone in Sony’s IT departments right now. It’s a truly hellish place to be when stuff like this happens. I would NOT want to be in their sysadmins’/DBAs’ shoes…

  • daizyujin

    Note: This is a response to several comments I have read.

    Wow, wow. So now everybody is knocking on Geohot and Anon like this is them. Newsflash people, this is likely experienced hackers, data miners. It doesn’t have crap to do with hacked PS3 consoles. This is not some pissed off Anon guys doing continuous DDOS attacks. This is likely a group of highly skilled criminals. The only thing hacked here was Sony’s network and it shows they obviously didn’t secure it very well.

    This is not the fault of Geohot, Anon, Basement Hackers, Pirates with flying pigs. The only person or entity that is responsible for this is Sony themselves and it is obvious they didn’t think about what was going on because it took them 6 damn days to tell anybody that was impacted by it.

    In short, put your anger where it belongs, against Sony and whoever the obviously smarter criminals were that did this.

    • http://tristsantithesis.tumblr.com/ Tsunayoshi Sawada

      Seems it was a complex case with no obvious day 1 indication of what data was taken. If they were not basement hackers then the people who did it were probably sophisticated enough to not leave a clear trace of what they took, unless you are a security expert with premonition knowing what data was taken on April 19?

      Sony Says It Didn’t Know Severity Of PS3 Breach Until Monday. The company learned that customer data was stolen on Monday, only after an outside security firm conducted days of forensic analysis, Sony said. There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised,” Seybold said. “We learned there was an intrusion April 19th and subsequently shut the services down.

      “We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident. It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.”

    • YoungTeeth

      I hate people who defend them. It’s blatantly obvious that SONY has been totally screwed ever since the PS3 was hacked by them. It has been under constant fire from hackers and crackers and whatever else. It once was completely secure, but now piracy is rampant. SONY should have no blame, yes the criminals are to blame, but none of this would have ever happened if it weren’t for GeoHot and Anon.

  • http://www.facebook.com/corey.dyke Corey Dyke

    Just to help, if you do use a credit card with PSN you can do a free fraud alert here to protect from people using any gathered information to make new credit accounts in your name: https://www.experian.com/consumer/cac/InvalidateSession.do?code=SECURITYALERT

  • daizyujin

    6 days eh? It took Sony 6 full days to tell anybody anything. Wow.

    So some guys (or gals) hack their service, steal tons of personal information and their response is to sit on their asses for 6 days and relay nothing to anybody.

    It just blows my mind.

  • http://www.facebook.com/people/Will-Jay/100001526135754 Will Jay

    INCORRRECT

    It MAY of been compromised. I still wouldn’t take the chance.

  • Edgar Cumplido

    They didn’t know info was taken until they had their experts investigate further: “I wanted to take this opporuntity to clarify a point and answer one of the most frequently asked questions today.
    There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident. It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.”

    (PS BLOG)

    Still is a bummer this happened though

  • Draparde

    This sucks, i had just went out and bought a PSN card for Legend of mana and moondiver the day this happened. :( i hope everything turns out find in the end.

    • AnimusVox

      They were telling you not to buy ‘Moon Diver’
      That’s why this happened………to stop you…..

      • Draparde

        *Gasp*! V_V i should have known!!

  • neo_firenze

    Major correction with one of the comments in this news post – there has been no definitive statement that “your credit card information if your PlayStation Network account has access to it” was compromised.

    From Sony’s release:
    “While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.”

  • http://pulse.yahoo.com/_J24UY7QAEKQY576PHZYS3EN6BA Celine

    Oh the irony. I literally just created a PSN account a single day before they took it offline -_-; Well, at least all the information was fake. I guess may parents drilling in the fact to never give away personal information did something?

  • http://www.facebook.com/people/Loli-Desu/100000633639317 Loli Desu

    Shame, but you get what you pay for. Don’t pay? Don’t expect quality.

  • Suicunesol

    Hmm… this is the second time my personal information has potentially been stolen in the last year. :/ Is something going on? Are companies these days being too lax, or are hackers just getting smarter? Maybe both?

    Waiting six days to let the public know of the data theft was indeed not the best plan… but… I imagine Sony didn’t want to make a public statement until they were absolutely sure that data had actually been stolen, because data theft IS very bad publicity whether on time or six days late. It destroys credibility. You don’t want to announce data theft unnecessarily.

    That said, am I really hearing people say that they’ve lost faith in Sony? That doesn’t make much sense, because after this fiasco they’re very likely to dramatically step-up security, fire the employees who failed to do their job, and want to better themselves so that it doesn’t happen again. Other companies are likely to follow.

  • http://profiles.yahoo.com/u/GJD6KMPFMNNIHFKRN6FI76P5KA Allison

    This REALLY doesn’t sound at all like regular Anon actions. I’m not denying the possibility but it sounds more like a professional and not someone signing themselves up to a botnet for a DDoS.

  • http://pulse.yahoo.com/_S2UKKIGGOA4V5EIFXAD7BQQOV4 Heehee

    Guys, guys! This is terrible. Earlier today, I just met someone who had the same information as me. Then I woke up. All is fine.

  • ninjaonizuka

    Am i wrong for getting upset at ppl who are bashing sony and reely just trolling on youtube theres one guy tellin everyone hes elling his ps3 now other ppl are doing that to :/ sony is trying to stop hacking upgrade security and restore psn cut them sum slack i think they sud have gave the reason why it shut down the minute it went offline or sumthing lol sadly my ps3 is getting fixed so i didnt have to suffer lol xD

    • http://www.nisamerica.com NickyD

      I’m with you. Sony’s basically being victimized for trying to toss a hornet’s nest out of its bedroom.

      People hating on Sony is similar to people blaming a guy for getting mugged, or worse which I won’t say because it can be quite offensive.

  • mikanko

    Worst thing about this is AH3 came out 1 day before PSN went down, and I’m sure it kinda kills the sales of a PSN only game with such a niche demographic. A shame considering how much I’m enjoying it despite not being crazy about the games aesthetic. It’s really surprised me how technically sound and just overall fun gameplay is. Wish there was a disc release on Xbox, I would buy again because I generally find better connections against people on my 360. As it is, I’d rather be playing AH3 online than Marvel vs. Lagcom 3. ><

    That said, whoever did this sucks. =/

    • Darkrise

      Yeah, bad enough that a majority of gamers, if you’ve noticed the comments on youtube, are looking down on this game just because it’s anime styled. It’s stupid of them cuz it’s actually a pretty fun game with interesting mechanics.

  • AdamBoy64

    Well, I’m in the ‘not as unusual as it should be’ boat of…

    Forgotten my PSN password, e-mail account doesn’t exist (and can’t be recreated), and forgot the answers to my secret questions.

    So if the hackers could somehow reset my password, that’d be great.

  • Darkrise

    Well, at least I’ve only used one pre-paid credit card with like only $7 left in it… And it wasn’t even accepted lol so take that! Whoever possibly stole the rest of my info…

  • Guest

    They should dramatize this and make it an anime. I’d watch it lol (maybe I’m getting too carried away with the Godzilla and Pacman metaphors -__-)

  • YoungTeeth

    I hope GeoHot rots in jail for years.

Video game stories from other sites on the web. These links leave Siliconera.

Siliconera Tests
Siliconera Videos

Popular