Thorp and Sailor's Grave Board

Sony, you fucked up

BDx13 - 4-27-2011 at 02:10 PM

70 million people had their account info stolen
http://blog.games.yahoo.com/blog/631-sony-issues-warning-aft...
Quote:

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID," wrote Patrick Seybold, senior director of corporate communications for Sony Computer Entertainment America. "It is also possible that your profile data, including purchase history and billing address ... and your PlayStation Network/Qriocity password security answers may have been obtained. ... While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility.

Personally, I only created account because I couldn't do something on the PS3 w/o one (Netflix, maybe?), but even at the time I was annoyed they were asking for my address and birthday and whatnot. You fucks never needed all that anyway. It was a blatant grab for customer data and now it's all been stolen.

ShawnRefuse - 4-27-2011 at 04:41 PM

hoping I didn't get my id stolen (at least used) yet again.

BDx13 - 4-27-2011 at 05:06 PM

oh, they're basically saying everyone's info was stolen.
their just not committing on the credit card data yet.
glad i never shared that!

morgan - 4-27-2011 at 05:52 PM

What a nice little clusterfuck this has turned into.

Dave - 4-28-2011 at 07:44 AM

yeah i'm not impressed, but really if it happened to Sony, it can happen to Microsoft...

and both of those guys have my credit card info...

Six66Mike - 4-28-2011 at 08:54 AM

Credit card info was encrypted in a seperate DB/table, but who knows how well it was protected. Personal information is a huge concern for identity theft, so that should have been encrypted as well.

They're gonna get sued hard and brought up on all sorts of charges for the privacy leak in countries around the world.

Fuck Sony, serves them well for chasing down file sharers while selling fucking media players and mp3 players etc. Double dipping cunts.

BDx13 - 4-28-2011 at 02:02 PM

Sony faces global legal action over data theft

http://news.yahoo.com/s/nm/20110428/ts_nm/us_sony

clevohardcore - 4-28-2011 at 02:39 PM

I just found out that people pay money to play games with others all over the world, while sitting at home. I don't play games so whatever.

I'm sure they have some sort of legal protection for somehting like this so fuckem.

Six66Mike - 4-28-2011 at 06:21 PM

There's not much you can do to protect you if you fail to protect the privacy of your users/customers. They're fucked pretty bad.

Six66Mike - 5-3-2011 at 01:10 AM

http://www.abc.net.au/news/stories/2011/05/03/3206568.htm
Quote:
Sony says that cyber assaults on its online videogame network were broader than first thought, with intruders getting away with credit and debit card data.

Engineers and security consultants investigating the PlayStation Network breach discovered evidence that information was stolen from 24.6 million SOE accounts and from an outdated database containing people's financial data.

"These illegal attacks obviously highlight the widespread problem with cybersecurity. We take the security of our consumers' information very seriously and are committed to helping our consumers protect their personal data."


There's no mention in the article about encryption, it says they made out with over 24m records of financial data. The last paragraph I quoted is funny. If they were serious about personal data everything would have been encrypted from the start. You don't store high value or personal information anywhere unless it's properly encrypted, and your encryption keys and algorithms have got to be high end for a business and data set this large.

Six66Mike - 5-3-2011 at 08:15 AM

No bullshit, they were hacked AGAIN and more credit card numbers leaked. During the middle of a major security forensics investigation, to be hacked again... pure fucking incompetance. I hope they get sued beyond their means and go out of fucking business.

http://arstechnica.com/gaming/news/2011/05/sony-attacked-aga...

BDx13 - 5-3-2011 at 01:14 PM

what a scene...

Dave - 5-3-2011 at 03:33 PM

no word on the Sony blog about the second attack, or confirmation that the credit card info has been stolen.

but its pretty crappy.

(mental note, remove CC info from xbox live)

XnMeX - 5-3-2011 at 03:53 PM

I had a PS3 a few years back but the bank account and CC have been closed for a while now. Wonder if I still have any worries...

morgan - 5-3-2011 at 06:25 PM

Fuck.

ShawnRefuse - 5-3-2011 at 06:44 PM

Quote:
Originally posted by XnMeX
I had a PS3 a few years back but the bank account and CC have been closed for a while now. Wonder if I still have any worries...


Your personal information is worth more than any credit card. They could just open one up.

Here's hoping it's a hacker doing it for the sake of breaking into a big corporate network.

Six66Mike - 5-3-2011 at 07:19 PM

Better article found, more information.

Apparently it was not a new attack, but they extended their statement to say SOE was hit too. Link below.

PSN = 77 million people
SOE = 24.5 million people
101.5m customers had their personal information stolen, 12,7000 credit cards and 10,700 direct debit accounts (expired apparently) from SOE also hijacked with no mention of encryption. Plus the PSN financial information stolen they said was encrypted.

http://nakedsecurity.sophos.com/2011/05/03/sony-admits-breac...

So over 100m people's personal information has been leaked and tens of thousands of financial data records as well, some encrypted, some unknown.

:no:
Quote:
Originally posted by ShawnRefuse
Quote:
Originally posted by XnMeX
I had a PS3 a few years back but the bank account and CC have been closed for a while now. Wonder if I still have any worries...


Your personal information is worth more than any credit card. They could just open one up.

Here's hoping it's a hacker doing it for the sake of breaking into a big corporate network.


This a whole bunch. Personal information should be the highest priority when it comes to security. There are laws requiring encryption and protection of financial data to maintain credit card ratings & merchant accounts etc, but apparently not enough to protect individual data.

With the data they stored on customers now leaked, people can basically do identity theft. New accounts in your name, claim to be you, hijack stuff meant for you etc.

If your card is stolen or used the bank is insured and you most likely get your money back. What's your insurance against your identity? 0

Six66Mike - 5-5-2011 at 02:14 AM

They think 4chan monkeys did it...

http://www.cbc.ca/news/technology/story/2011/05/04/sony-atta...

lol

Six66Mike - 5-7-2011 at 08:08 PM

This compromise can be extended to Sony Electronics now as well.

http://nakedsecurity.sophos.com/2011/05/07/sony-succumbs-to-...

Six66Mike - 5-23-2011 at 08:06 AM

Nobody else is playing any more but here's more hacks associated to Sony, the most useless pile of shit that ever existed.

So-Net, Sony's Japanese ISP division was hacked - http://www.abc.net.au/news/stories/2011/05/21/3223045.htm
Sony BMG Greece, also hacked - http://nakedsecurity.sophos.com/2011/05/22/sony-bmg-greece-t...

By now the lawsuit liability has surpassed many countries total GDP. Fuck Sony. Go out of business, fall on your sword. Just fucking die.

Six66Mike - 5-23-2011 at 06:59 PM

Totally awesome news - Sony predicts $3.1B loss after tsunami, hacking

http://www.cbc.ca/news/business/story/2011/05/23/sony-loss.h...

Mark Lind - 5-23-2011 at 09:54 PM

I wouldn't worry too much about this. Identity theft is such a big concern that there are all sorts of regulations about what needs to be reported and when. It could have been as simple as a laptop with data on it being stolen and they would have to report it. It doesn't mean anything will be done with the data or that someone even realizes what they have. This sort of shit is happening somewhere every day.

Six66Mike - 5-24-2011 at 03:24 AM

Regulations vary in every country, some have strict laws others less. In the US there's a law you have to tell all stakeholders including customers if there's a data leak or breach. Similar laws don't exist here in Australia, so if someone fucks up most people never know unless media get a hold of it.

The sheer scale and number of businesses impacted at Sony is what's pathetic. The CIO and heads of Security in every division should be fired and held personally liable on top of the company and it's effected subsidiaries.

This is just plain incompetence.

Six66Mike - 5-24-2011 at 05:57 AM

Hey look another one, Sony Music Japan suffers SQL Injection hack

http://nakedsecurity.sophos.com/2011/05/24/sony-music-japan-...

Six66Mike - 6-2-2011 at 07:29 PM

Another day, another hack. Sony Pictures, 4.5 million records leaked.

http://nakedsecurity.sophos.com/2011/06/02/sony-pictures-att...

Six66Mike - 10-12-2011 at 07:28 AM

These useless motherfuckers got hacked again. PSN & SOE, again. 93,000 accounts. Holy fuck.

http://nakedsecurity.sophos.com/2011/10/12/sony-security-sca...