The W
Views: 100910792
Main | FAQ | Search: Y! / G | Calendar | Color chart | Log in for more!
27.11.14 1231
The W - Video Games - PSN hacked? (Page 2)
This thread has 6 referrals leading to it
Register and log in to post!
Thread rated: 6.21
Pages: Prev 1 2 3 4 5 6 Next
(834 newer) Next thread | Previous thread
User
Post (105 total)
Mr. Boffo
Scrapple








Since: 24.3.02
From: Oshkosh, WI

Since last post: 486 days
Last activity: 447 days
#21 Posted on | Instant Rating: 5.89
I'm going to guess "stolen laptop that stupidly had all customer data on it".
wmatistic
Andouille








Since: 2.2.04
From: Austin, TX

Since last post: 8 days
Last activity: 4 hours
AIM:  
#22 Posted on | Instant Rating: 3.08
    Originally posted by Mr. Boffo
    I'm going to guess "stolen laptop that stupidly had all customer data on it".


I dunno, you would think a company as big as Sony would have policy in place to have all laptop drives encrypted to prevent such issues.

Then again it is Sony.
Mike Zeidler
Pepperoni








Since: 27.6.02

Since last post: 106 days
Last activity: 66 days
#23 Posted on | Instant Rating: 0.00
Like the Dept. of Veterans' Affairs?

http://www.govexec.com/dailyfed/0506/052206d1.htm






"Tattoos are the mullets of the aughts." - Mike Naimark
dMp
Banger








Since: 4.1.02
From: The Hague, Netherlands (Europe)

Since last post: 12 days
Last activity: 7 min.
#24 Posted on | Instant Rating: 9.00
http://bits.blogs.nytimes.com/2011/04/28/hackers-claim-to-have-playstation-users-card-data/

from the article:
“Sony is saying the credit cards were encrypted, but we are hearing that the hackers made it into the main database, which would have given them access to everything, including credit card numbers,” said Mathew Solnik, a security consultant with iSEC Partners


Btw, the 'moving to a better secured location' sounds to me like someone just walked into the building and just sat down behind a terminal with possibly less security like you'd hope there to be. Or an inside job.





Avatar Mud
Oliver
Scrapple








Since: 20.6.02
From: Kolob

Since last post: 15 hours
Last activity: 5 hours
#25 Posted on | Instant Rating: 1.70
Sony is suggesting that PSN will be back in some form by Tuesday...providing it's secure. (playstationlifestyle.net)

Fingers crossed...



yamcharulez
Bauerwurst








Since: 6.1.02
From: chicago

Since last post: 28 days
Last activity: 1 hour
#26 Posted on
they held a press conference this morning the short of it is

* Still no evidence that PSN credit card data was obtained but cannot be ruled out
* Sony to provide free selected software downloads in “Welcome Back” program. 30 days of free PlayStation Plus access to new and existing members, and 30 days of free Qriocity service
* Sony will appoint Chief Information Security Officer
* PSN back up “this week”, PS3 to have forced system update that requires password change before login

So we get 30 days of ps+ something that if we dont have anything we get from it is gone at the end of that 30 days?




Dont say its not worth it, when you can sleep with no fear, that kind of time is worth any thing.- FFX
thecubsfan
Scrapple
Moderator








Since: 10.12.01
From: Aurora, IL

Since last post: 20 hours
Last activity: 3 hours
#27 Posted on | Instant Rating: 9.31
They suggested there will be free downloads in addition to the free Plus service.


    Because the freebie content will be different by region, Sony was hesitant to put a price on it, but Hirai estimated "a few thousand yen" worth of free downloads. So like $20-25 or so?


Though I'd rather cash (or even credit) rather than free avatars and backgrounds, or add ons to specific games I don't own.

Other stuff I found interesting:


    Sony guesses that hackers got into the network through an "application server," through which they were then able to get into the database servers and grab data.

    ...

    The vulnerability in the web server was a vulnerability known about that particular type of server, one of the execs on stage said.



    A reporter asked what the purpose of the "intrusion" was. Hirai: "For the past month and a half, we've experienced attacks on various Sony systems. We have yet to identify a direct relationship with a group." Speculation about the objective: "We are not in a position to say one way or the other." That same reporter asked if passwords were encrypted. I believe (translation not being perfect) that Hirai said they were not.


Quite dumb. Hopefully a ripple effect is everyone else gettign scared and increasing their security before they're hit themselves.



thecubsfan.com - luchablog
El Nastio
Andouille








Since: 14.1.02
From: Ottawa Ontario, by way of Walkerton

Since last post: 4 days
Last activity: 1 hour
ICQ:  
#28 Posted on | Instant Rating: 9.00
It gets better. Click Here (joystiq.com) Sony Online Entertainment shuts down their service temporarily after finding "an issue". For those who don't know, this is what they use for DCU Online.

The hubris of Sony is amazing. After the debacle listed above, SOE goes up and says "oh, we're totally fine and weren't affected.

Oops.

"SCEA PR director Patrick Seybold states in the FAQ that the company is "moving our network infrastructure and data center to a new, more secure location, which is already underway."

The implication is was physical security that caused the PSN hacks. So unless SOE and PSN share the same location, they lied. Again.

Unless they're repealing that and going with the Application Server and poor encryption schemes.


(edited by El Nastio on 2.5.11 1133)

After a (very) long hiatus, I have begun to write again. And this time, I'm not alone!

Click Here (basisgames.blogspot.com) to check out Basis Games - Video Game/Console Reviews, Commentaries, and Analysis. Check it out!
It's False
Scrapple








Since: 20.6.02
From: I am the Tag Team Champions!

Since last post: 8 hours
Last activity: 8 hours
#29 Posted on | Instant Rating: 8.96
    Originally posted by El Nastio
    It gets better. Click Here (joystiq.com) Sony Online Entertainment shuts down their service temporarily after finding "an issue". For those who don't know, this is what they use for DCU Online.

    The hubris of Sony is amazing. After the debacle listed above, SOE goes up and says "oh, we're totally fine and weren't affected.

    Oops.

    "SCEA PR director Patrick Seybold states in the FAQ that the company is "moving our network infrastructure and data center to a new, more secure location, which is already underway."

    The implication is was physical security that caused the PSN hacks. So unless SOE and PSN share the same location, they lied. Again.

    Unless they're repealing that and going with the Application Server and poor encryption schemes.


The follow-up word is that Sony's been hit again through these servers and EVEN MORE credit card numbers have been stolen!


    Following up on this morning's news that Sony Online Entertainment servers were offline across the board, Japanese newspaper Nikkei reports (via BGR) that the company has lost 12,700 customer credit card numbers as the result of an attack. The company apparently took SOE servers offline after learning of the attack last evening, but has yet to issue a statement confirming that customer information has been lost.

    Of the 12,700 total, 4,300 are alleged to be from Japan, while the remainder's origins are unknown. The report also notes that most of the numbers are said to be from expired cards, which Engadget posits could mean this was simply stolen data from an old backup.


Expired cards or not, this is still a pretty big deal. The FBI needs to move faster, because a lot of people stand to get their lives wrecked if their credit card numbers get sold to the highest bidder.



thecubsfan
Scrapple
Moderator








Since: 10.12.01
From: Aurora, IL

Since last post: 20 hours
Last activity: 3 hours
#30 Posted on | Instant Rating: 9.31
Headlines that are always a bad sign for you (and your stockholders)



The new bit here:


    Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack.

    We discovered that the intruders had planted a file on one of our Sony Online Entertainment servers named “Anonymous” with the words “We are Legion.”


That somewhat explains the sequence of events: someone notices that file on the server -> sirens go off, someone hits a big red button to turn off the servers -> logs are analyzed for days -> uh oh.

Though, I could've sworn both Sony and Anonymous said they weren't responsible prior.

Edit: the actual letter is worth reading. They clarify that the Anonymous file was actually found on one of the SOE servers - the more recent breach. The actual triggering event was computers rebooting on their own, which led them to look at logs and find out data was being transferred out.

The letter makes it very clear that Sony believes Anonymous is responsible. Their denial of service attacks were a diversion from the data theft; Sony's not sure if Anonymous was part or aware of the theft, but emphasizes them as part of the problem and pushes for stronger laws against these sorts of groups (above and beyond their own data protection.)

(edited by thecubsfan on 4.5.11 1119)

thecubsfan.com - luchablog
Reverend J Shaft
Liverwurst








Since: 25.6.03
From: Home of The Big House

Since last post: 49 days
Last activity: 3 hours
#31 Posted on

Thanks for the link - it was worth reading. It says in one part:
    Originally posted by the letter
    Sony Network Entertainment America is committed to helping its customers protect their personal data and will offer its U.S. account holders complimentary identity theft protection services.

WTF does this mean? You're gonna compensate me if someone has stolen my card number and cleaned out my account? You're gonna offer enhanced security measures to make sure no one steals my info going forward? If they're anything like your previous security measures, I'll pass, thanks.

I'd settle for just knowing if I've stored my card number with PSN or not because I can't recall if I've used it on there before, but all of my various e-mails have gone without a response. Maybe I'll just log on to PSN and see if my info is....OH WAIT!

    Originally posted by the letter
    Central components of the "Welcome Back" program will include:

    -All consumers coming back to the PlayStation Network will be provided with 30 days of free membership in the PlayStation Plus premium subscription service.


Wow! 30 days! They must be really apologetic about this.
/sarcasm
BoromirMark
Potato korv








Since: 8.5.02
From: Milan-Ann Arbor, MI

Since last post: 307 days
Last activity: 307 days
AIM:  
#32 Posted on | Instant Rating: 2.99
Not to divert any of the deserved criticism about Sony's incompetence, but I'd like to see this level of vitriol and cynicism focused on the hackers and pirates who are the ones who committed the crime and now hold many people's financial information hostage.




Michigan against the SEC: 20-6-1 (7-4 in bowl games)
Scottyflamingo
Bratwurst








Since: 23.6.10
From: Auburn, AL

Since last post: 496 days
Last activity: 225 days
#33 Posted on | Instant Rating: 2.77
    Originally posted by BoromirMark
    Not to divert any of the deserved criticism about Sony's incompetence, but I'd like to see this level of vitriol and cynicism focused on the hackers and pirates who are the ones who committed the crime and now hold many people's financial information hostage.


This.
wmatistic
Andouille








Since: 2.2.04
From: Austin, TX

Since last post: 8 days
Last activity: 4 hours
AIM:  
#34 Posted on | Instant Rating: 3.08
Sure I blame the hackers, but right now I've got no clue who they were. All I do know is that Sony SHOULD have had security in place to prevent this from ever happening. Not to mention the fact that they still haven't been able to figure out what was taken or correct the problem and get the systems back up. That tells me there are some seriously incompetant people I've been trusting my info with in the first place. No way in the world they should still be so confused about what took place or how to fix it.
thecubsfan
Scrapple
Moderator








Since: 10.12.01
From: Aurora, IL

Since last post: 20 hours
Last activity: 3 hours
#35 Posted on | Instant Rating: 9.31
Anonymous (or someone claiming to be) responds, says they've got no history of stealing credit card information and corporate/government officials have been trying frame them for a while.

Essentially, it boils down to "maybe they hacked themselves so they could get us out of the way".



thecubsfan.com - luchablog
Leroy
Boudin blanc








Since: 7.2.02

Since last post: 17 hours
Last activity: 17 hours
#36 Posted on | Instant Rating: 6.22
    Originally posted by wmatistic
    All I do know is that Sony SHOULD have had security in place to prevent this from ever happening.


Yeah - given that the security hole was something already known about, it's akin to driving into a bad neighborhood and leaving your car parked with the keys in the ignition. It's kind of amazing this didn't happen sooner.

    Originally posted by wmatistic
    Not to mention the fact that they still haven't been able to figure out what was taken or correct the problem and get the systems back up.


I don't think this is the case. If they're moving their entire facility and rebuilding everything from scratch (or a close proximity thereto), I think it's safe to say they're not taking any chances with regards to security and thoroughly testing all of their systems.

You know... doing everything they should've done BEFORE taking and storing credit card numbers.

Edit: And just to hammer the point home...

Purdue University's Dr. Gene Spafford tells Congressional Subcommittee that the PlayStation Network's security was outdated--and Sony was aware of it. (gamespot.com)


    "On a few of the security mailing lists that I read, there were discussions that individuals who work in security and participate in the Sony Network had discovered several months ago, while they were examining the protocols on the Sony Network to examine how the games worked, they had discovered that the [PlayStation] Network servers were hosted on Apache Web servers--that's that form of software. But they were running on very old versions of Apache software that were unpatched and had no firewall installed, and so these were potentially vulnerable. They had reported these in an open forum that was monitored by Sony employees, but had seen no response and no change or update to the software. … [And] that was two to three months from when the break-ins occurred."



(edited by Leroy on 5.5.11 1445)
thecubsfan
Scrapple
Moderator








Since: 10.12.01
From: Aurora, IL

Since last post: 20 hours
Last activity: 3 hours
#37 Posted on | Instant Rating: 9.31
Day 16(?)

People in the US will be offered one free year of Allclear ID Plus identity monitoring. Codes are being sent out (hope your PSN email is correct) and you'll have until June 18th to sign up. That probably means they're not expecting the codes to be all out for another couple weeks. They're still working on it for elsewhere.

There's also another official apology, explaining their side


    I know some believe we should have notified our customers earlier than we did. It’s a fair question. As soon as we discovered the potential scope of the intrusion, we shut down the PlayStation Network and Qriocity services and hired some of the best technical experts in the field to determine what happened. I wish we could have gotten the answers we needed sooner, but forensic analysis is a complex, time-consuming process. Hackers, after all, do their best to cover their tracks, and it took some time for our experts to find those tracks and begin to identify what personal information had — or had not — been taken.

    ..

    In the last few months, Sony has faced a terrible earthquake and tsunami in Japan. But now we are facing a very man-made event – a criminal attack on us — and on you — and we are working with the FBI and other law enforcement agencies around the world to apprehend those responsible.




thecubsfan.com - luchablog
Mr. Boffo
Scrapple








Since: 24.3.02
From: Oshkosh, WI

Since last post: 486 days
Last activity: 447 days
#38 Posted on | Instant Rating: 5.89
Comparing an earthquake that killed at least 18,000 people to releasing a product with poor security that got hacked takes real balls. Congratulations Sony on continuing to say the wrong thing.
thecubsfan
Scrapple
Moderator








Since: 10.12.01
From: Aurora, IL

Since last post: 20 hours
Last activity: 3 hours
#39 Posted on | Instant Rating: 9.31
Some Anonymous members say "yea, some of us probably did it." I suspect there will be multiple new groups representing the true intents of Anonymous by the end of the month.

ETA on a PSN return has gone from Tuesday to this week to uh we don't know.



thecubsfan.com - luchablog
thecubsfan
Scrapple
Moderator








Since: 10.12.01
From: Aurora, IL

Since last post: 20 hours
Last activity: 3 hours
#40 Posted on | Instant Rating: 9.31
Progress? 3.61 is up for mandatory update. All it appears to be is the promised forced password change.

The network is not up, but this is a smart move: even with all the trouble and wariness of using the service, the first day the PSN is back on will blow away any bandwidth record they have. People will be grabbing weeks of delayed game updates, DLC, and whatever else all at once. Best to stagger what they can.



thecubsfan.com - luchablog
Pages: Prev 1 2 3 4 5 6 Next
Thread rated: 6.21
Pages: Prev 1 2 3 4 5 6 Next
Thread ahead: 2011
Next thread: Wii releases: week of June 6, 2011
Previous thread: E3 '11: Sony Press Conference
(834 newer) Next thread | Previous thread
I'm still going through Episode 4: Dangeresque and can safely say that it's the most entertaining of the SB titles to date. And it's probably one I'd actually go back and do a second time, so they've definitely hit their stride.
Related threads: PS3 Releases: week of April 18, 2011 - PS3 Releases: week of April 11, 2011 - PS3 Releases: week of April 4, 2011 - More...
The W - Video Games - PSN hacked? (Page 2)Register and log in to post!

The W™ message board

ZimBoard
©2001-2014 Brothers Zim

This old hunk of junk rendered your page in 0.168 seconds.