Support NeoGAF

[dude]

Ah, the old "I'm not crazy, the rest of the world is!"-logic. Good arguments for your point too.

Actually - "The world" reacts as it should, this is running in headlines in major newspapers, Sony will be investigated and inspected, and people are obviously mad.
This is all reasonable given the situation, I don't know why anyone would want to downplay Sony's responsibility in this.

Also, downplaying CC, address, name, email and passwords info being stolen? This is just... Wow.

 

[Hanmik]

I'm in the US and I still haven't gotten one either.

I have recieved one.. on my fake US account..

but as you can see it is just the same as the Playstation blog info..

 

[Oozinator]

I DEMAND cash COMPENSATION from Sony for each of my PSN account due to their careless mishandling of my private personal information and for the emotional trauma this is causing to me and my family !

Sony's resolution department may contact me to arrange a wire transfer to my bank account.


Let's start a worldwide class-action lawsuit at the Hague International Court of Justice.

 

[rager]

Fortunately my credit card on file had expired, but I do know this will make me more careful with online purchases - for gaming it will be PSN/Xbox Points cards from now on.

I belive mine is too on the card, but there is no way to check until PSN is back up. Ugh.

 

[get2sammyb]

Maybe, but I do think people will (and should) start using PSN cards more instead of putting their credit card up. I think does does have some long term implications, they probably wont be to drastic though.

This will probably affect people's attitudes on all digital services to be honest. Obviously Sony will be hit hardest.

 

[Projectjustice]

Seriously, GTFO of this thread. You haven't added one thing to this discussion and you are trying to troll. Go play Live or something.

I did if you would actually read. You are taking out your anger on the wrong person. Im not the hackers nor Sony. I didnt steal your information.

 

[Captain Tuttle]

You are delusional. The PSN outage is already almost as long as it takes for a 360 console repair, and no ones getting their identity stolen over RROD.

Yeah maybe. My point is that this will pass for the most part eventually.

 

[webrunner]

Not even close to the same.



Well, my new neighbor does seem a bit shady...

If you see him doing anything like this:

Be very worried.

 

[darkwing]

I DEMAND cash COMPENSATION from Sony for each of my PSN account due to their careless mishandling of my private personal information and for the emotional trauma this is causing to me and my family !

Sony's resolution department may contact me to arrange a wire transfer to my bank account.


Let's start a worldwide class-action lawsuit at the Hague International Court of Justice.

How to start a class action lawsuit

 

[thechemist]

Anyone worried about their credit/ debit card check your emails, as you will have reciepts from sony on there about when you used it on PSN.

 

[Equus Bellator Apex]

I DEMAND cash COMPENSATION from Sony for each of my PSN account due to their careless mishandling of my private personal information and for the emotional trauma this is causing to me and my family !

Sony's resolution department may contact me to arrange a wire transfer to my bank account.


Let's start a worldwide class-action lawsuit at the Hague International Court of Justice.

You've posted this before.

 

[ShogunX]

So I try and change passwords for XBL on xbox.com but clicking 'change password' just seems to take me to my hotmail?

You change you Xbox Live password on hotmail. Both your hotmail and Live account are linked and share the same details.

 

[expy]

You are delusional. The PSN outage is already almost as long as it takes for a 360 console repair, and no ones getting their identity stolen over RROD.

If you're scared about potentially getting your identity stolen, I suggest you stay off the internet... Or.. stop living.. It's not hard to steal someone's identity.

 

[electroshockwave]

No, my current CC card is on PSN and I haven't gotten an email about it.

Got a nice email about PlayStation Move a few days ago though :lol

Yeah, I got one about Patapon 3 on Sunday. -_-

 

[borghe]

I will say one thing about this thread.......... I've been more or less calling for a stop on the drama for credit card security etc... but... this thread has made me wonder why I don't use points cards more... hmm...

and for those who find points cards inconvenient (having to go to the store and all), you CAN load up your accounts (XBL or PSN) with points/funds online and then remove your card (on PSN at least).

eh, maybe this will be the end of me storing my card on these systems... probably not... but if I was vigilant enough I could probably make it work with little to no hassle to me.

You change you Xbox Live password on hotmail. Both your hotmail and Live account are linked and share the same details.

to those wanting to change your XBL passwd.. I just did (not the same, but slightly close) and it is a little confusing.

click Change Password. This takes you to Windows Live/Hotmail. On this page near the top under details it says Password: ******* and next to it (in a bizzarely small font face with no color distinguishing it) is Change. Click that. Yeah, the style of the links and stuff on that page suck. Anyway, real quick to do, no worries.

 

[jmdajr]

Let this be a lesson!

for realz

 

[Skellig Gra]

Yeah maybe. My point is that this will pass for the most part eventually.

I think its way too early to determine. This hasn't even run its course yet.

 

[Keepthechange]

I had conveniently been issued a new debit card a couple weeks ago when i signed up for online banking to replace my current one that was linked to my psn account. Once i heard the news about the compromised accounts i figured now was a good time to activate it and destroy my old one.

 

[mbmonk]

Ah, the old "I'm not crazy, the rest of the world is!"-logic. Good arguments for your point too.

Strawman

 

[Rapstah]

You've posted this before.

That is happening a lot in this thread for some reason. Are people pulling the same jokes from some other forum?

 

[webrunner]

If you're scared about potentially getting your identity stolen, I suggest you stay off the internet... Or.. stop living.. It's not hard to steal someone's identity.

That's why I keep my identity locked in a safe under my bed.

Unfortunately I can't get it out of there because I couldn't trust myself with the combination to the safe, not having an identity and all.

 

[cjtiger300]

I did if you would actually read. You are taking out your anger on the wrong person. Im not the hackers nor Sony. I didnt steal your information.

Saw that, thanks. And I'm not angry. I would like psn to be up, but shit happens. The best buy and tj max issues effected me a lot worse than this. The truth is, if your going to use a cc on q regular basis you have to be prepared for stuff like this. Trust me, if the cc info wad comprimised it is already sold and out there. The thieves who steal stuff like that sell it quick because of how fast the info gets out about the leak.

 

[Jburton]

You change you Xbox Live password on hotmail. Both your hotmail and Live account are linked and share the same details.

So hack hotmail and get Xbox Live info, get personal details etc.

 

[Skellig Gra]

If you're scared about potentially getting your identity stolen, I suggest you stay off the internet... Or.. stop living.. It's not hard to steal someone's identity.

I never said I was scared, but there are plenty of people who would be/are.

 

[larvi]

I have recieved one.. on my fake US account..



but as you can see it is just the same as the Playstation blog info..

Thanks, was just wondering if not recieving one could mean I'm not affected by the breach, I don't have a PS3, only a PSP, and only recently created the account so maybe there is a chance my info wasn't in what was stolen (yeah I know, wishful thinnking)

 

[Fersis]

If you're scared about potentially getting your identity stolen, I suggest you stay off the internet... Or.. stop living.. It's not hard to steal someone's identity.

Hi do i know you? My name is expy.

 

[Projectjustice]

So hack hotmail and get Xbox Live info, get personal details etc.

Its been like this since XBL started, so its nothing new.

 

[CadetMahoney]

http://www.telegraph.co.uk/technolo...tion-hack-Sony-faces-watchdogs-questions.html

Sony faces watchdog's questions:

Sony will be questioned by Britain's data protection watchdog after it admitted hackers stole huge volumes of personal information from the PlayStation Network.

As industry leaders. . . thank our customers for being patient. . . ecosystem. . . Europe. . . heres a list of upcoming games. . . free Home T-Shirt

 

[Abylim]

I guess I feel like getting an email from Sony confirms I'm still a registered user. Even though I have no idea how they could have changed my email off my psn already, I sync'd my trophies a few hours before it went down.

I just hate worrying.

 

[aristotle]

Anyone who is not mad at Sony right now is the one who is not acting rationally.

Why because I don't base my opinions on internet forums or assumptions? The people who are doing that are acting like Sony is at fault. They *might* be but until a formal investigation happens, it's all here-say by internet "media". No one knows if Sony is in talks with people in law enforcement. I know for a fact that many governments would be involved in this investigation since it crosses oceans/borders. I highly doubt that they're looking in this alone without some sort of involvement from outside parties (especially since they said they are using them). I'm taking a wait and see approach, not a "grab the pitchforks & firesticks - let's get those witches/frankenstein!" approach. There may be a time to be pissed at Sony, but in my opinion, it's not now. Maybe further down the line if it is truly their fault, if they kept everything unsecure. No one outside of the company knows for sure and if you look at anything detailing the matter on any website/blog, you'll see the clever wording of "assume", "might be" etc.

Maybe I'm just one of the few being reasonable and waiting for all the facts to come in until I start asking for heads to roll. :shrug

 

[borghe]

Its been like this since XBL started, so its nothing new.

actually this isn't true. It wasn't until Games for Windows Live launched in 2007 that the two were actually connected.

 

[Miggytronz]

So hack hotmail and get Xbox Live info, get personal details etc.

pretty much

 

[derFeef]

If you're scared about potentially getting your identity stolen, I suggest you stay off the internet... Or.. stop living.. It's not hard to steal someone's identity.

Damn, I knew it. It's my own fault that my data got stolen from Sony.

 

[dude]

I don't see the big deal with this.
I mean, changing CC info is so easy, it's a phone call away.
And you should probably change your passwords anyway! Security 101, people.
If you're afraid about your personal information, just change your name, it's just signing a paper, then move! I mean, who doesn't want a change in his life? You could move to Hawaii!

You guys should THANK Sony for helping you to secure your online accounts better and refreshing your dull life.

Why because I don't base my opinions on internet forums or assumptions? The people who are doing that are acting like Sony is at fault. They *might* be but until a formal investigation happens, it's all here-say by internet "media". No one knows if Sony is in talks with people in law enforcement. I know for a fact that many governments would be involved in this investigation since it crosses oceans/borders. I highly doubt that they're looking in this alone without some sort of involvement from outside parties (especially since they said they are using them). I'm taking a wait and see approach, not a "grab the pitchforks & firesticks - let's get those witches/frankenstein!" approach. There may be a time to be pissed at Sony, but in my opinion, it's not now. Maybe further down the line if it is truly their fault, if they kept everything unsecure. No one outside of the company knows for sure and if you look at anything detailing the matter on any website/blog, you'll see the clever wording of "assume", "might be" etc.

Maybe I'm just one of the few being reasonable and waiting for all the facts to come in until I start asking for heads to roll. :shrug

Well, we should all agree Sony was responsible for the info, and the lost it.
Maybe they did anything in their power to protect it - But until we know that, I'm going to assume the worst. I mean, it's not the first time Sony will be shown to have lousy security.

 

[harriet the spy]

If it is true that Sony kept the password on their server un-hashed, the processus to return PSN accounts to their legit owners seems like a nightmare. They can't possibly just turn on the system adn tell people "on your marks! get set! go!". They *could* be sending new password in email or snail mail, but since many people are not using their real addresses - and were somewhat vindicated in doing so through this whole ordeal - that can't possibly work either.

If there is any chance they can transmit console ID with the password, then I guess they could force people to change their password from their most recently used ps3.

Out of curiosity, for security experts here: even assuming that sony only stored the hashed passwords, if you had full control over your ps3 (that might be a bit tough, but I am curious if it could be done, say on a pc, for a different system), could you hack the software to do
"send the hashed key i am giving you"
instead of
"hash the key of the password i am giving you, then send that"

Has anyone ever been able to do something similar?

 

[DaBuddaDa]

Anyone who is not mad at Sony right now is the one who is not acting rationally.

Anger and rationality are generally at odds and almost opposites on the emotion--logic spectrum. It's not worth speculating and gettin' mad at anyone until we know all of the facts of what happened and why.

You guys should THANK Sony for helping you to secure your online accounts better and refreshing your dull life.

Now this is just plain Sony Defense Force. Stop it. Bad. Very bad.

 

[aristotle]

Apologists. I like it. So whenever you use Netflix, Gamefly, Amazon, and God knows what else you type in your card each and every time?

"Unless you're one of those people who clicks 'use the same card'" .... LMAO ... seriously? "Those people" constitute almost every single fucking person that shops online. You honestly think all the people that shop at Amazon enter in their CC every time they shop?

Talk about grasping at straws.

How am I an apologist? In this day and age you really do need to take steps to secure yourself. This thread proves my point. It is not contradictory to it. Just because a majority of the general pool of people do something, doesn't mean I think it's a good idea.

 

[MalboroRed]

I did if you would actually read. You are taking out your anger on the wrong person. Im not the hackers nor Sony. I didnt steal your information.

No you didn't, but you're basically acting as the annoying bystander, like people are complaining about gas prices and you're bragging about driving an electric car and being a vegan.

Damn, I knew it. It's my own fault that my data got stolen from Sony.

Of course not, but everytime you fill out an online form with your personal information you're taking a risk that the entity you're dealing with will keep your information secure.

 

[Hari Seldon]

I DEMAND cash COMPENSATION from Sony for each of my PSN account due to their careless mishandling of my private personal information and for the emotional trauma this is causing to me and my family !

Sony's resolution department may contact me to arrange a wire transfer to my bank account.


Let's start a worldwide class-action lawsuit at the Hague International Court of Justice.

You jest but Sony is going to get sued and sued hard. In the TJ Maxx case 500,000 people had their CC info stolen. TJ Maxx was required to pay for 3 years of credit monitoring plus identity theft services and had to pay $20,000 if the person could demonstrate actual identity theft. In other words, if these hackers do a little identity theft that could land you 20k from Sony if they get sued at least as hard as TJ Maxx.

Also, TJ Maxx was sued by various banks for undisclosed amounts for the cost of re-issuing credit cards to everyone. This is going to be a major financial blow to Sony.

 

[Phonomezer]

This is front page news on tomorrow's Sydney Morning Herald - wow.

 

[Oozinator]

You've posted this before.

just reasserting my claims

 

[jmdajr]

How the PlayStation Network was Hacked

How was the PlayStation Network hacked, though? Ironically, for security reasons, and because Sony is historically very tight-lipped on such matters, we will probably never know the exact attack vector -- but we can certainly make some well-educated guesses about how the PlayStation Network was hacked. First, given its proximity to Anonymous's recent attacks, it's likely that the database breach is somehow related. It's safe to assume that Anonymous could have learned about a weakness in the PSN's security mechanisms, and then passed that data on to another group of hackers -- and from there, if the hole was big enough, the attackers might have been able to simply step right in with an SQL injection attack.

The other alternative is the recent release of a custom PlayStation 3 firmware build called Rebug, which effectively turns a PS3 into a developer unit and activates a slew of features that consumers can not normally access. Most significantly, though, the Rebug firmware gives your console trusted access to Sony's internal developer network. There are reports that once you're on the internal, trusted network, a whole range of new hacks became available, including the use of faked credit card details on the PlayStation Network.

With the custom firmware installed, it's possible that customer details database -- the one that was breached -- became easily accessible. It's possible that Sony's security mechanisms simply didn't account for an internal attack from a trusted network -- and indeed, you can't create a functional network without having some trusted agents.

It's all speculation..but crap if true

 

[darkwing]

This is front page news on tomorrow's Sydney Morning Herald - wow.

Sony is doomed, who would buy from a company who just got hacked

 

[Stumpokapow]

it's a pretty insane speculation

 

[KenOD]

Because of Sony I HAD to change my passwords, I HAD to cancel my credit card, I HAD to change my name to Don Diego de la Vega né" M. Bison, I HAD to move to another city in another country, I HAD to stop switch my primary language to Russian, and I HAD to make a roast beef sandwich. Damn Sony and the hacker who may or may not be able to access and use the information.

None of that is true, except maybe the name part. That would be rather nice to see on my driving license.

 

[Vicetrailia]

Changing my CC number will be a huge hassle goddamn, im just gonna wait it out.

I guess that's why it's good to have a CC or alternate debit card that you pay your bills with in the event that you gotta cancel your "leisure" card.

 

[Lord Error]

This is not one of things things you just blow off and say, "Hey, I'm sure they learned their lesson, here's my new CC#!" and keep going.

But this is not like the Monoprice situation where the CC numbers were confirmed stolen (and used almost immediately soon after). There's no indication that numbers here were actually stolen or are being used now.

Having a credit card stolen is a major pain in the ass. Even worse, Sony stores enough info about you so that somebody could take that info and open new charge accounts in your name, essentially stealing your identity.

Is this really the case? You can open accounts just with someone's name and address with no SSN? If so, that's a big problem.

 

[darkwing]

How the PlayStation Network was Hacked



It's all speculation..but crap if true

Sony relied too much on client side security checking, they should have taken down the PSN and rebuilt it when the CFWs were able to login the PSN

 

[Jburton]

Its been like this since XBL started, so its nothing new.

Seems a bit risky, almost negligent.

I think I will remove windows from my computer, trade in my 360 and games for an etch a sketch and never trust them again.

 

[snap0212]

There may be a time to be pissed at Sony, but in my opinion, it's not now. Maybe further down the line if it is truly their fault, if they kept everything unsecure. No one outside of the company knows for sure and if you look at anything detailing the matter on any website/blog, you'll see the clever wording of "assume", "might be" etc.

Maybe I'm just one of the few being reasonable and waiting for all the facts to come in until I start asking for heads to roll. :shrug

You're not one of the few being reasonable. You seem to be one of the few who have yet to find out that Sony did exactly what is best for them instead of what's best for the customer. They could have told everyone that data may have been stolen, but they decided to stay quiet for almost a week before they did anything.

The fact that data was stolen is bad, but the fact that Sony waited almost a week before telling us anything is just horrible.