The W
Views: 97814911
Main | FAQ | Search: Y! / G | Calendar | Color chart | Log in for more!
30.7.14 1236
The W - Video Games - PSN hacked?
This thread has 6 referrals leading to it
Register and log in to post!
Thread rated: 6.21
Pages: 1 2 3 4 5 6 Next
(808 newer) Next thread | Previous thread
User
Post (105 total)
Oliver
Scrapple








Since: 20.6.02
From: #YEG

Since last post: 11 hours
Last activity: 10 hours
AIM:  
ICQ:  
Y!:
#1 Posted on | Instant Rating: 1.71
PSN has been down since Wednesday due to a hacker attack.

    Originally posted by Playstation Blog (at blog.us.playstation.com)
    An external intrusion on our system has affected our PlayStation Network and Qriocity services. In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services on the evening of Wednesday, April 20th. Providing quality entertainment services to our customers and partners is our utmost priority. We are doing all we can to resolve this situation quickly, and we once again thank you for your patience. We will continue to update you promptly as we have additional information to share.
Man, I was really looking forward to playing Modnation Racers or my new NASCAR game online this week for a good chunk of weekend...There's a lot to do in the game outside of the online multiplayer in both games, but this is really an annoyance.

I've had more or less seamless access to PSN since I received my PS3, but I'm wondering if this happens often.

Other news: Seems some downloadable Capcom games won't work without an online PSN connection. (kotaku.co.au)



Promote this thread!
thecubsfan
Scrapple
Moderator








Since: 10.12.01
From: Aurora, IL

Since last post: 16 hours
Last activity: 1 hour
#2 Posted on | Instant Rating: 9.31
There has been occasional down time before - often ill timed scheduled maintenance - but this long lasting total shut down has only happened this year, since the war between Sony and the PS3 hackers has fired up.



thecubsfan.com - luchablog
Spank E
Kolbasz








Since: 2.1.02
From: Bournemouth, UK

Since last post: 40 days
Last activity: 18 hours
#3 Posted on
Weirdly, it's let me finish downloads that had started before the downtime and it's also let me download a couple of patches too.



Leroy
Andouille








Since: 7.2.02
From: Huntington, NY

Since last post: 2 hours
Last activity: 10 min.
#4 Posted on | Instant Rating: 6.22

Anonymous is denying responsibility, but who knows.

While I am generally happy with my PS3, Sony's not making the best decisions with regards to its public relations. I was pretty annoyed to have spent a weekend installing linux on my box only to have that feature removed a month later. And not being able to access Hulu or Netflix for three days isn't exactly endearing me to Sony, regardless of the cause.
Alessandro
Lap cheong








Since: 2.1.02
From: Worcester MA

Since last post: 47 days
Last activity: 25 days
#5 Posted on


Yeah, this has been a known "issue" for awhile now ... The really sickening part is that this can affect totally "offline" games (i.e. there is no online component to the game, like "Final Fight", but you still need to be actually connected to the internet in order to play it); horrible decision.



"All RAW is these days is a cheap version of Saturday Night Live, so if you wanna tune in to watch the amazing star power of Al Sharpton and Nancy O'Dell, go ahead! Who's gonna host next week, Big Bird? Wow, that's must-see TV!" - John Morrison (10/16/09 Smackdown!)


Parquet Wishes and Leprechaun Dreams
FALCONNNN PAWNCH!!!


thecubsfan
Scrapple
Moderator








Since: 10.12.01
From: Aurora, IL

Since last post: 16 hours
Last activity: 1 hour
#6 Posted on | Instant Rating: 9.31
And they're still down. But perhaps now with a more definite explanation:

    Originally posted by Joystiq

    In a post on Reddit, chesh claims that a CFW known as "Codename: Rebug" had given its users the ability to log into PSN as if they were doing so from a developer console (or "debug unit").

    As a result, chesh contends, this same exploit could allow its users to add funds from "dummy" credit card accounts into their PSN wallets, ostensibly giving them the ability to "unlock" (read: steal) certain PlayStation Store content.





thecubsfan.com - luchablog
thecubsfan
Scrapple
Moderator








Since: 10.12.01
From: Aurora, IL

Since last post: 16 hours
Last activity: 1 hour
#7 Posted on | Instant Rating: 9.31
This is not good!

    Originally posted by Sony

    We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network.

    ...

    Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility.

    ..

    When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.



This is followed by many tips about how to check your credit. This is going to end up very expensively for Sony.

They've brought in an outside firm to check the system's security, which means (my guessing)

  • they suspect it was an in-house job
  • they suspect there might be a backdoor hack to get this date and need someone they trust to look for it.
  • they can't turn it back on until they're sure they're clean.



    thecubsfan.com - luchablog
  • Leroy
    Andouille








    Since: 7.2.02
    From: Huntington, NY

    Since last post: 2 hours
    Last activity: 10 min.
    #8 Posted on | Instant Rating: 6.22

    That's just mind-numbingly bad. And they waited almost a week to tell folks about it? Surely, they've known for a while. Wow.

    Sony admits utter PSN failure: your personal data has been stolen (arstechnica.com)
    Scottyflamingo
    Bratwurst








    Since: 23.6.10
    From: Auburn, AL

    Since last post: 376 days
    Last activity: 105 days
    #9 Posted on | Instant Rating: 2.77
    I think a year of free Playstation Plus and $100 of PS points will make up for this.
    El Nastio
    Andouille








    Since: 14.1.02
    From: Ottawa Ontario, by way of Walkerton

    Since last post: 5 hours
    Last activity: 1 hour
    ICQ:  
    #10 Posted on | Instant Rating: 9.00
    As someone who does IT, words cannot describe how catastrophic this is for Sony. This will be the mother of all Karma Houdini routines if they get away with this.



    After a (very) long hiatus, I have begun to write again. And this time, I'm not alone!

    Click Here (basisgames.blogspot.com) to check out Basis Games - Video Game/Console Reviews, Commentaries, and Analysis. Check it out!
    Oliver
    Scrapple








    Since: 20.6.02
    From: #YEG

    Since last post: 11 hours
    Last activity: 10 hours
    AIM:  
    ICQ:  
    Y!:
    #11 Posted on | Instant Rating: 1.70
    Thank GOD I don't have credit card information on there.



    Leroy
    Andouille








    Since: 7.2.02
    From: Huntington, NY

    Since last post: 2 hours
    Last activity: 10 min.
    #12 Posted on | Instant Rating: 6.22
      Originally posted by Oliver
      Thank GOD I don't have credit card information on there.


    The credit card isn't really an issue (unless you're using a debit card). We've had local gas stations where people's credit cards numbers were ripped off. It happens, and it's usually just a phone call and an afternoon of updating accounts. Annoying - sure, but resolvable.

    It's the personal info that has me buggered - basically making the culprit one SSN away from taking out credit in my name. It's really inexcusable. And that fact that they STILL DON'T KNOW - after a WEEK - the extent of the compromise means they might never realize the extent of the break in.

    This isn't just a matter of who wasn't minding the store - there were TEAMS of people not minding the store.

    (edited by Leroy on 27.4.11 1222)
    Scottyflamingo
    Bratwurst








    Since: 23.6.10
    From: Auburn, AL

    Since last post: 376 days
    Last activity: 105 days
    #13 Posted on | Instant Rating: 2.77
    What pisses me off is that these fucking hackers are supposedly about "freedom" of the user to mod their equipment and do what they want. But they are taking away the ability of other users to play online.
    El Nastio
    Andouille








    Since: 14.1.02
    From: Ottawa Ontario, by way of Walkerton

    Since last post: 5 hours
    Last activity: 1 hour
    ICQ:  
    #14 Posted on | Instant Rating: 9.00
      Originally posted by Scottyflamingo
      What pisses me off is that these fucking hackers are supposedly about "freedom" of the user to mod their equipment and do what they want. But they are taking away the ability of other users to play online.


    You know who as responsible and if these were their motives?



    After a (very) long hiatus, I have begun to write again. And this time, I'm not alone!

    Click Here (basisgames.blogspot.com) to check out Basis Games - Video Game/Console Reviews, Commentaries, and Analysis. Check it out!
    John Orquiola
    Scrapple








    Since: 28.2.02
    From: Boston

    Since last post: 31 days
    Last activity: 31 days
    #15 Posted on | Instant Rating: 6.16
    http://www.g4tv.com/thefeed/blog/post/712190/psn-class-action-lawsuit-filed/




    @BackoftheHead






    www.backofthehead.com
    thecubsfan
    Scrapple
    Moderator








    Since: 10.12.01
    From: Aurora, IL

    Since last post: 16 hours
    Last activity: 1 hour
    #16 Posted on | Instant Rating: 9.31
      Originally posted by El Nastio
        Originally posted by Scottyflamingo
        What pisses me off is that these fucking hackers are supposedly about "freedom" of the user to mod their equipment and do what they want. But they are taking away the ability of other users to play online.


      You know who as responsible and if these were their motives?


    "Anonymous" did take credit for earlier downtime on PSN, but called it off citing the same reasons as Scottyflamingo; their problem was with Sony, not the users. They say they don't have anything to do with this current problem (and it doesn't fit their aims.)

    To get the information that's Sony says has been leaked out, you'd need access to their servers. The recent bit of hacking has allowed users to change how their consoles and accounts are looked at by the server, but they're not getting privileged access to the server, and it wouldn't really make any sense for a console to ever have access to the entire user database. Either Sony did some amazingly bad job of coding (allowing something equivalent to a SQL injection attack?) or it's a different point of entry (which is what I'm still leaning towrads.)



    thecubsfan.com - luchablog
    Leroy
    Andouille








    Since: 7.2.02
    From: Huntington, NY

    Since last post: 2 hours
    Last activity: 10 min.
    #17 Posted on | Instant Rating: 6.22
      Originally posted by thecubsfan
      Either Sony did some amazingly bad job of coding (allowing something equivalent to a SQL injection attack?) or it's a different point of entry (which is what I'm still leaning towards.)


    Even so - allowing a single point of entry to have access to an entire 70 million+ user database is still a bad idea - even if they thought (gambled) that they had enough security in front of it that it would never be an issue.
    thecubsfan
    Scrapple
    Moderator








    Since: 10.12.01
    From: Aurora, IL

    Since last post: 16 hours
    Last activity: 1 hour
    #18 Posted on | Instant Rating: 9.31
    They posted a new Q&A on the PSN blog.


      Q: Was my personal data encrypted?
      A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.

      Q: Was my credit card data taken?
      A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system.


    So it seems like they probably did not get the credit card information and they probably wouldn't be able to unencrypt it if they did, so I'm a little less worried about that. Of course, Sony probably thought getting that far was impossible a couple weeks ago and weren't exactly right about that.

    This was interesting:


      Q: What steps is Sony taking to protect my personal data in the future?
      A: We’ve taken several immediate steps to add protections for your personal data. First, we temporarily turned off PlayStation Network and Qriocity services and, second, we are enhancing security and strengthening our network infrastructure. Moving forward, we are initiating several measures that will significantly enhance all aspects of PlayStation Network’s security and your personal data, including moving our network infrastructure and data center to a new, more secure location, which is already underway. We will provide additional information on these measures shortly.


    That sure seems to put some of the blame on whatever was going on at the old location. It'll be an interesting story, whenever it gets out.

    I like the idea of turning off the system to make it more secure. I can make sure my car isn't using any gas by turning it off, but we're not really getting anywhere that way.

    Elsewhere in post
    - a software update is coming to force everyone to change their password.
    - their hope is to get "some services" up by Tuesday.



    thecubsfan.com - luchablog
    Alessandro
    Lap cheong








    Since: 2.1.02
    From: Worcester MA

    Since last post: 47 days
    Last activity: 25 days
    #19 Posted on
      Originally posted by Leroy

      It's the personal info that has me buggered - basically making the culprit one SSN away from taking out credit in my name.


    To be fair, that is still a pretty big hurdle for these hackers to overcome (I assume you never posted your SSN in your PSN profile, right?) ... It is an inexcusable breach in security, no doubt, but - from all accounts - it looks like people should be safe as long as (a) all of their PSN transactions were made with pre-paid PSN cards (amazon.com); and (b) they lied about their birthdate when filling out their account info (which is what I always do when signing up for these sorts of things ... what does Sony need to know the exact date of my birth, all they need to be aware of is that I'm over 18).





    "All RAW is these days is a cheap version of Saturday Night Live, so if you wanna tune in to watch the amazing star power of Al Sharpton and Nancy O'Dell, go ahead! Who's gonna host next week, Big Bird? Wow, that's must-see TV!" - John Morrison (10/16/09 Smackdown!)


    Parquet Wishes and Leprechaun Dreams
    FALCONNNN PAWNCH!!!


    El Nastio
    Andouille








    Since: 14.1.02
    From: Ottawa Ontario, by way of Walkerton

    Since last post: 5 hours
    Last activity: 1 hour
    ICQ:  
    #20 Posted on | Instant Rating: 9.00
    There's zero reason for them to physically change the location of the infrastructure unless there was a physical security flaw, something like re-do their security procedures once people enter the building and how they navigate through the building. Or maybe change their center to being located in the middle of nowhere-land. Or having a better security screening. But you're right Cubs, the turn of phrase they used does seem to denote that they're not blaming the network security of the infrastructure (in that quote), but they're instead blaming the physical location.



    After a (very) long hiatus, I have begun to write again. And this time, I'm not alone!

    Click Here (basisgames.blogspot.com) to check out Basis Games - Video Game/Console Reviews, Commentaries, and Analysis. Check it out!
    Pages: 1 2 3 4 5 6 Next
    Thread rated: 6.21
    Pages: 1 2 3 4 5 6 Next
    Thread ahead: 2011
    Next thread: Wii releases: week of June 6, 2011
    Previous thread: E3 '11: Sony Press Conference
    (808 newer) Next thread | Previous thread
    3DS Retail (Tuesday) • n/a DS Retail (Tuesday) • Shin Megami Tensei: Devil Survivor 2
    Related threads: PS3 Releases: week of April 18, 2011 - PS3 Releases: week of April 11, 2011 - PS3 Releases: week of April 4, 2011 - More...
    The W - Video Games - PSN hacked?Register and log in to post!

    The W™ message board

    ZimBoard
    ©2001-2014 Brothers Zim

    This old hunk of junk rendered your page in 0.468 seconds.