PlayStation Network Hacked....

Joined
27 March 2000
Messages
3,926
Location
Palos Verdes, CA
I posted this on our GT5 Racing thread, but figured it was bad enough to merit its own. For those unaware, PSN has been down since last Wednesday night. This was just posted on the official blog today:

Valued PlayStation Network/Qriocity Customer:

We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:

  1. Temporarily turned off PlayStation Network and Qriocity services
  2. Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened and
  3. Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:

U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.

We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.

Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions.

Sincerely,
Sony Computer Entertainment and Sony Network Entertainment

http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/
 
Doesn't that violate their own privacy policy???
This follows other loyalty programs that had security violations.
Interesting that people using these services have to read and accept the privacy policies, but the corporations have an out?
Similar to Facebook and their issues as Canadian Privacy laws are much tighter than US policies. Facebook had to change their practices because of Canadian privacy policy.
Looks like The PlayStation Network are going down the same path.
 
Yeah!This stuff blows. I was wondering when somebody would post something about this. Today was the day I started to try to figure out what was going on. I asked my friend he was the one that told me they got hacked. Im glad I never used a credit card for playstation network.
 
Doesn't that violate their own privacy policy??? This follows other loyalty programs that had security violations.

I'm not sure what you mean by this.

Personal information that we gave Sony in order to have an account on PSN may have been stolen by a hacker who compromised Sony's security.

PSN is not a loyalty program, but a service with an affiliated storefront. You need to provide such information any time you purchase something online with a credit card. The situation would be no different if Amazon.com got hacked.

This is definitely an ugly PR situation for Sony, especially if rumors that this data was not encrypted on their servers prove to be true, but remember it is ultimately the hacker who circumvented Sony's security that is to blame. We trust online vendors and service providers to maintain a level of security, but hackers prove time-and-time again that, if given the right incentive and time, they can circumvent anything.

I spent a few hours changing all of my passwords. Better safe than sorry.
 
they shouldnt have sued ( geohot ) for hacking HIS sony Playstation

he purchased it and can bust it up with a hammer if he wants.

When Sony gets the Network back UP I was told they are gonna crash it again and again and so on intill they drop the lawsuit against ( geohot )

We gotta stop BIG corporation from telling us what we can do or not.

we tell them what we want not the other way around.

I am happy their network is down.

AND they didnt steal any credit card info or personal info,

thats just what sony told the press so that we wanna find the guys who did it. keep it in the public eye.
 
Last edited:
heres why they hacked SONY

Anonymous announced their intent to attack Sony websites in response to Sony's lawsuit against George Hotz ( GEOHOT ) and, specifically due to Sony's gaining access to the IP addresses of all the people who visited George Hortz' blog as part of the libel action, terming it an 'offensive against free speech and internet freedom' Although Anonymous admitted responsibility to subsequent attacks on the Sony websites, much speculation has arisen concerning a sustained collapse of the Playstation Network in April. Anonymous has denied that their attacks are the cause of the service outage
 
cool, post. atleast he got the drives out of the PS3 before they ordered him to delivery the PS3. LOL

but 13,000 IP's downloaded the hack LOL

Sony go ahead and sue 13,000 people.

now they will never buy your products again.
 
they shouldnt have sued ( geohot ) for hacking HIS sony Playstation

No, Sony sued geohot for publicly revealing how to hack a PS3 in a means that circumvents the system's security (and, in turn, opens the door for pirated software and disrupting the operation of games on PSN). Hacking the PS3 in the manner he did is a violation of the end-user license agreement we all agree to when we setup our consoles in the first place.

Piracy is a huge problem for our industry. While I would love to have a more open system (I did have Linux installed on one of my PS3s), I understood their reasons for removing it. Exploits can kill software sales (i.e. PSP).

specifically due to Sony's gaining access to the IP addresses of all the people who visited George Hortz' blog

This seems a far more of a valid reason to be angry with Sony. I was pretty shocked that they were able to get this information...and can understand why it drew Anonymous' attention.

The weird (and disconcerting) thing is that Anonymous is not claiming credit for this particular attack. So far, no one has come forward...so the intent of this particular action is unclear.

Another thing that is unclear is how must this will cost Sony:

Speaking to Forbes, data-security research firm The Ponemon Institute estimates damages from such breaches averaged $318 per compromised record in 2010, which could add up to a cost of over $24 billion in Sony's case, according to the report.

Wedbush Morgan Analyst Michael Pachter, however, told Shacknews he thought overall damage to Sony would be minimal, pinning direct cost of the PSN outage at $10 million in revenues and $3 million in profits per week.

Indirect costs from lowered consumer trust could expand this number, Pachter said, unless Sony makes a concerted effort to redeem itself with free offers to customers in the next few months.

The Rothken law firm has already brought a class action lawsuit against Sony for exposing customer data, and the UK Information Minister has promised to question Sony regarding the affair.

http://www.gamasutra.com/view/news/...age_Cost_Estimates_Differ_For_Data_Breach.php
 
Last edited:
I really don't understand how people get off on crashing a network. Seriously, did Mommy and Daddy not pay enough attention to this guy when he was young? So instead of turning into an angry young boy, he immersed himself in internet code and Star Wars. Now that he's all grown up, he's taking it out on society in a different way. Instead of raping and murdering like most people who were ignored as children, he decided it would be much more fun to be a pain in everyone's a$$. Go pound sand, Trekky.
 
I really don't understand how people get off on crashing a network. Seriously, did Mommy and Daddy not pay enough attention to this guy when he was young? So instead of turning into an angry young boy, he immersed himself in internet code and Star Wars. Now that he's all grown up, he's taking it out on society in a different way. Instead of raping and murdering like most people who were ignored as children, he decided it would be much more fun to be a pain in everyone's a$$. Go pound sand, Trekky.

To each his own I guess. Some people get off rubbing themselves in peanut butter (no Joe, I don't :tongue: ). First, the hackers, like thieves or other criminals, will always figure a way to outsmart "the good guys." First, Sony can eat shit for all I care. They really are not good guys. And the more I read about Apple, the more I dislike them. Though I don't like what these hackers did, I do believe they think it is their moral, competitive, and political duty or right to do this stuff. Sony is waaaaay out of control. When I first read that they were going to possibly target people who READ how to hack a PS3, that was it for me. They really had it coming.
 
Hahaha....I started boycotting purchases of Sony products years ago. I will never buy another Sony product as long as I live. I used to own EVERYTHING Sony, but got sick and tired of their proprietary machinations that cost me a fortune and ultimately made all their products obsolete in record time. I don't support the hacker here, but do have a deep disdain for everything Sony.

Sony, go F yourself.
 
These kinds of things don't just effect the corporation that it happens to. People's personal information shouldn't be a target for jerks to prove a point. I had to call Visa and have them cancel my card and issue me a new one. Being a Buisness partner at my place of employment I need that card for purchasing things needed for the day to day operation. Because of this jerk(s), I loose the convenience of using my card and have to use cash/cheques. Any entrepreneur running his/her own business can tell you how inconvenient this can be. I'm not saying these corporations are angels but they are a business. They are around to make money out perform their competition and secure their niche of the market. They are there for their own benefit not ours and rightfully so. We subscribe/purchase their products/services because we want and choose to. If we don't like what they offer we have a choice not to patronize them. There is no need to compromise or put out others in the process of proving a point. I wish Sony does find who did this and makes a special example out of them...to the full extent of the law and their influence.
 
I'm not sure what you mean by this.

Personal information that we gave Sony in order to have an account on PSN may have been stolen by a hacker who compromised Sony's security.

PSN is not a loyalty program, but a service with an affiliated storefront. You need to provide such information any time you purchase something online with a credit card. The situation would be no different if Amazon.com got hacked.

This is definitely an ugly PR situation for Sony, especially if rumors that this data was not encrypted on their servers prove to be true, but remember it is ultimately the hacker who circumvented Sony's security that is to blame. We trust online vendors and service providers to maintain a level of security, but hackers prove time-and-time again that, if given the right incentive and time, they can circumvent anything.

I spent a few hours changing all of my passwords. Better safe than sorry.

Why I said that:
About one month ago, the BestBuy/FutureShop reward program was also hacked as well as the Canadian Airmiles reward programs.
 
Sony is now saying everything that was hacked was encrypted, so there is no worry. Uhuh......

No they aren't.

Q: Was my personal data encrypted?
A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.

http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/
 
cool, post. atleast he got the drives out of the PS3 before they ordered him to delivery the PS3. LOL

but 13,000 IP's downloaded the hack LOL

Sony go ahead and sue 13,000 people.

now they will never buy your products again.

But that's everyone who owns a PS3 :tongue:
 
The kid sued is the same kid who unlocked the iPhone.
Anyone who's running an unlocked iPhone can't run it without justifying his actions can they? Anyone who's ever modified anything can't really say anything can they?
 
Sony, go F yourself.

Uh oh, if they hear that, you're going to be Sorny you said that. :tongue:

images
 
Last edited:
Well, the good news is that PSN is finally back online.

The bad news is that the mandatory System Update that accompanied PSN's return fried my 60GB PS3 (one of the original phat models). Talk about bad timing! My faith in everything Sony has never been tested more than by the events of this past month.

In the meantime, I am backing up my 80GB PS3 before I attempt to update it.
 
Last edited:
Back
Top