Support NeoGAF

[Uno Venova]

So password management recommendations, what'ya got for me GAF?

LastPass.

 

[Garjon]

Holy shit, this has hit mainstream news pages already? I think May is going to turn into a very bad month for Sony. I mean, I don't know how they could recover from this. The way they've managed this situation is absolutely horrible. The fact that they're not going to extend PSN+ for those affected is a massive kick in the groin as well.

I know it's not Sony who exposed all of this information, but if they're planning on selling a product with an insecure service, it is their responsibility.

What makes this worse is that I know that there will be a number of 'hackers' reading this with a big grin on their face; knowing that there are people who are so sociopathic and narcisistic that they will gladly enjoy ordinary paying consumers bearing the brunt of this just so they can stick it to Sony both saddens and frightens me.

 

[Phoenician_Viking]

Awesome, Sony officially fucked up. Thank you.

Can´t you leave the console war bullshit out of this?????????????

 

[ThatCrazyGuy]

I feel sorry for Sony. Blame the hackers the most.

I just want to buy Arcana Heart 3!!!!

 

[Filth]

just when the ps3 was gaining momentum

 

[StuBurns]

Everyone needs to stop shit flinging at each other. Some people are going to be very upset, some less so, it's fine.

 

[TommyT]

So password management recommendations, what'ya got for me GAF?

piece of paper and a pen

 

[Zen]

I don't see how it isn't a 50/50 blame on hackers as well as Sony.

Did Sony exercise a reasonable duty of care that was owed to the customers? Apparently they use the same CC security methods as everyone else. The information is ultimately their responsibility to safeguard, but Sony isn't guilty of any negligence in this scenario it's proven that they in some way breached said standard of care in safeguarding the information.

Sony is at fault in some ways, but I wouldn't say that this is 50/50.

 

[mysteriousmage09]

After an incident with my iTunes Store account, I've never linked my credit card information to any account - not even my PSN account.

Guess I wasn't overreacting.

Bu Bu Sony has shit security! This has never happened before!!!!!!

 

[RyanDG]

Hyperbole much?

http://www.informationweek.com/news/galleries/security/attacks/229300675?pgno=1

Look at the numbers in those leaks compared to the 70 million accounts that were compromised here. It wasn't a hyperbole. The only one that came close was the VA leak.

 

[Seven Force]

I guess it's a blessing in disguise that PSN never accepted my CC info for whatever reason, forcing me to use PSN cards.

Still, this is a pretty massive fuckup.

 

[Stop It]

I removed my card info from PSN just before Anonymous douchebags started fucking with PSN.

Fuck hackers.

You know what, I can't even remember if my CC is on PSN. I know I used it to buy Wipeout HD, but cannot remember if I saved it or not. This is just annoying.

The only thing I am really angry at Sony about is the pretty underhanded attempt to downplay the situation as long as possible and keep their customers in the dark about the safety of their personal information.

I don't give a stuff about PSN being down, or really the reasons why, but if my data (And potentially my CC info, which I of course cannot login to check) has been compromised, it's not good enough to fess up about it a week after bringing the service down.

Now, I hope Sony gets the PSN system back online and makes sure it is secure. While of course the hackers who done this (if they are found) should be punished for this to the fullest extent of the law, Sony need to be conducting a full review of their systems to find out how the PS3/PSN security systems were compromised in such a spectacular way.

 

[Orin GA]

OMG...It was valve....PORTAL 2 WAS A RUSE!!!!!!

 

[-Pyromaniac-]

Again, you shouldn't wait until your debit card is in the negative to react. Not all of us are rich.

I'm not rich at all. Takes a couple minutes to avoid being screwed if you're so inclined to eliminate any worries. I don't have any credit cards on my PSN. Changed my password in a minute.

Once again. You can be concerned about something without freaking out, it is possible. I'm blown away that some of you are outraged that others aren't freaking out.

 

[Kafel]

this should be stickied

 

[ReturnOfTheRAT]

So password management recommendations, what'ya got for me GAF?

LastPass is the best.

 

[Griffin]

inb4 movie 'The Playstation Network'.

 

[heyf00L]

seems they were storing the passwords in plain text

haha oh wow. sony is pathetic

Indeed. So was Gawker. That's like security 101. I know very little about serious security, but I do know that at the very least you should only save a salted hash.

 

[deadhorse32]

hackers finally seriously maimed Sony the Sony name would be associated with hacking

how do you recover from that??

They kinda started it themselves

see : http://en.wikipedia.org/wiki/Sony_rootkit

 

[MThanded]

Where is that fool who posted that informationweek article. Reading comprehension fail on his part.

 

[daffy]

Dude, when you go after people, you put a bullseye on your back...Before they started going all sue crazy, they should have double and triple checked their security...especially PSN as it has access to EVERYBODY.

I am far from defending those who did this...they are scum, to be sure, but if Sony is going to walk with a big stick, they better fucking have a big fucking firewall to protect their incompetent asses.

They should have secured better yeah, but how does that at all relate to having shit security?

Hackers got mad, worked harder to find a way to get back at Sony. They don't just discover loopholes everyday.

 

[Kusagari]

Sony is done in America after this. Maybe not in other countries but their reputation in America is FUCKED after this. It's already getting mainstream coverage and if more and more people come out with charges then Sony's reputation is going down the tubes.

 

[Sblargh]

Hyperbole much?

http://www.informationweek.com/news/galleries/security/attacks/229300675?pgno=1

Put things in perspective, thanks. I was kind of hitting the panic button.

 

[angelfly]

Something tells me this has something to do with moving PSN over SNEA. Someone fucked up royally. Regardless of what they do Sony will never recover consumer trust after this shit. Especially after waiting as long as they did to say CC info may have been taken.

 

[Rebel Leader]

this should be stickied

Indeed.

 

[MustacheBandit_]

this is why I pay 60 a year for good service!

you came in this thread to post this? really?

 

[RockmanWhore]

I know memes are bad, but that's just how I feel :

 

[Mastperf]

So they're just now letting people know their credit card info could have been taken?

 

[Akainu]

I have so many purchases to catch up on when psn is back up.

 

[darkwing]

Holy shit, this has hit mainstream news pages already? I think May is going to turn into a very bad month for Sony. I mean, I don't know how they could recover from this. The way they've managed this situation is absolutely horrible. The fact that they're not going to extend PSN+ for those affected is a massive kick in the groin as well.

I know it's not Sony who exposed all of this information, but if they're planning on selling a product with an insecure service, it is their responsibility.

What makes this worse is that I know that there will be a number of 'hackers' reading this with a big grin on their face; knowing that there are people who are so sociopathic and narcisistic that they will gladly enjoy ordinary paying consumers bearing the brunt of this just so they can stick it to Sony both saddens and frightens me.

i don't think Sony would ever really recover from this, its tough recover the reputation, don't know how they will do it, PS3 got hacked, PSN got hacked

 

[Evlar]

this should be stickied

I don't think you need to worry about it falling off the first page for a while. Unless it gets locked, of course.

 

[Barrett2]

Put things in perspective, thanks. I was kind of hitting the panic button.

Jesus, did you even read the article? PSN breach is actually bigger than most of the incidents listed in that article.

 

[Adamm]

Indeed. So was Gawker. That's like security 101. I know very little about serious security, but I do know that at the very least you should only save a salted hash.

No they werent. The passwords on gawker were all encrypted, you can go download the list from torrent sites if you want.

 

[Brazil]

So how bad is this exactly if you use different passwords on everything? I'm kind of worried that they have the rest of that info, things like full name/address/state/zip etc etc that they might be able to use to get into accounts in other places.

If they can't do anything with all that info then all I have to do is change my PSN password since I don't use 1 password in more than 1 place.

In this shitty world, people can find/buy every information about you if they really want to, anyway. If you use different passwords for everything, there's probably nothing to worry about.

 

[Tworak]

this is really embarrassing. stop being so lax on security, geez.

 

[Dr. Malik]

The way the have handled this and will in the coming days will decide whether I should take my money elsewhere next gen, I love my PS3 but Sony can really piss me off at times and this shit right here ain't sitting well.

 

[McNum]

Well... fuck.

That is an impressive security failure there. Names, addresses, usernames, passwords, and credit card information? I'm annoyed, but I can't help but be a little in awe that this was actually pulled off. Still, it leaves me with quite a few passwords to change. *sigh* Ah well, my current one was getting old anyway.

I'd feel sorry for Sony, though... This caliber leak is going to get one hell of a shitstorm once it becomes widely known, I'd think both from the public, but especially behind closed doors. Being Sony is going to suck for a good while now. But I don't really feel sorry for them, the warning came out far too slowly.

 

[StuBurns]

inb4 movie 'The Playstation Network'.

Our users being ripped off for a million dollars isn't cool...

 

[-PXG-]

Should have been the first reply.

 

[WickedLaharl]

they waited this long to inform us?

fuck you very much sony.

 

[Az]

this should be stickied

It already seems like it is.

 

[Phoenician_Viking]

Where is that fool who posted that informationweek article. Reading comprehension fail on his part.

What can anyone do in case of identity theft?

 

[Zaraki_Kenpachi]

I'm not rich at all. Takes a couple minutes to avoid being screwed if you're so inclined to eliminate any worries. I don't have any credit cards on my PSN. Changed my password in a minute.

Once again. You can be concerned about something without freaking out, it is possible. I'm blown away that some of you are outraged that others aren't freaking out.

Again, that's fantastic that is your case. Some people have debit cards and aren't happy at the possibility of having a lot of fraudulent charges or going through the effort of having to cancel and get new cards.

 

[Ferrio]

They should have secured better yeah, but how does that at all relate to having shit security?

Hackers got mad, worked harder to find a way to get back at Sony. They don't just discover loopholes everyday.

Sony knew must of known their server side security was fucked. I'm guessing one of the reasons they went all gung-ho against the custom firmware. They should of ignored the consoles and focused on their actually infrastructure.

 

[railGUN]

I kinda enjoy seeing what people come up with to defend this... its like the Flat Earth Society forums - some creative logic.

 

[Stumpokapow]

Hyperbole much?

http://www.informationweek.com/news/galleries/security/attacks/229300675?pgno=1

You link that, as if that was supposed to prove him wrong, but PSN has more accounts than any of the incidents you linked to. Provided the worst case scenario (all accounts stolen, plus credit information), this is indeed the largest data theft of all time involving usernames, passwords, and credit. Of the items listed, only one exceeds this in terms of number of people affected, and it didn't relate to either usernames/passwords or credit, just names, and the privacy failure was not exposed by malicious action.

So, no, not hyperbole much.

 

[Green Biker Dude]

Bu Bu Sony has shit security! This has never happened before!!!!!!

he could've just had a keylogger from a botnet on his system

security breaches like this are rare and a sign of incompetence. not to mention a lot of people wanted to serve sony some after their response to the ps3 hacking

 

[Ranger X]

Man this serious shit. And it's really annoying. I'll have to change all my passwords and stuff, I should even cancel my card anyways as a smart guy would use it 6 months from now maybe.

God I love digital era!!

 

[Trevelyon]

I'm confused, why would you need that? Is it the same username and password?

No, absolutely not, but the same e-mail is tied to almost every single account I use to today along with the same password. I don't know what I can be tied to by that, just a layman google search against my e-mail and it has popped up at a few times at places I'm registered to.

 

[derFeef]

I'm not rich at all. Takes a couple minutes to avoid being screwed if you're so inclined to eliminate any worries. I don't have any credit cards on my PSN. Changed my password in a minute.

Once again. You can be concerned about something without freaking out, it is possible. I'm blown away that some of you are outraged that others aren't freaking out.

Of course you are not concerned if you don't have CC info on your PSN. And how the hell did you change your PW if you can't login into PSN even.