Whats up with PSN?

[LurkerLito]

Quote:

Originally Posted by Bah!

There is still zero proof that they got to the CC information.

So far the only "evidence" is the people claiming that they have the information, but those people also claim to have the security codes as well. Sony never stored that information so it would be impossible for these people to have it, which makes their claim a fake. IMO it's just a bunch of FUD designed to try and scare customers into being angry at Sony.

Now, if you used the same username and password for your PSN account as all your other accounts, which is stupid, then you might be in trouble. Otherwise, even though it sucks, someone having your name and address isn't going to hurt you.

I'll still had my bank issue a new card, because that's just smart regardless, but I'm not really worried about anything bad happening to me from this incident at all.

Now that Homeland Security is investigating this, as well as the FBI and Sony, I'm even more hopeful that these thieves get brought to justice.

They have admitted at least 10M CC#s were compromised:
http://www.hardocp.com/news/2011/05/...ts_compromised

And the idea that not having the security code is proof of them not having the info is also kind of silly. Most are 3 or 4 digits long and could be figured out in very little time via brute force by anyone with access to a CC payment service. Not to mention there are sites that don't ask for the security code, should make anyone who stored their real CC# with PSN get a new card from their CC company.

[ViN86]

Quote:

Originally Posted by LurkerLito

They have admitted at least 10M CC#s were compromised:
http://www.hardocp.com/news/2011/05/...ts_compromised

And the idea that not having the security code is proof of them not having the info is also kind of silly. Most are 3 or 4 digits long and could be figured out in very little time via brute force by anyone with access to a CC payment service. Not to mention there are sites that don't ask for the security code, should make anyone who stored their real CC# with PSN get a new card from their CC company.

Probably not. A single incorrect CVV entry will typically contact the card owner and flag the card as potentially stolen.

I have been sent numerous emails within 5 minutes of entering the wrong CVV code once. The emails all said FRAUD ALERT. It scared me until I realized what I did.

Storing the CVV codes on the database is a very stupid thing, however.

[LurkerLito]

Never got anything like that type of fraud alert. I do only use Virtual CC#s for all online purchases so I don't worry about it too much. I don't think I ever mistyped the CVV before. I have accidentally changed the expire date before but that never send me a fraud alert.

[Ninja Prime]

Well, if the hackers had an open connection to sonys data for a time, any CCVs entered during that time could have theoretically been intercepted.

[Bah!]

Quote:

Originally Posted by Ninja Prime

Well, if the hackers had an open connection to sonys data for a time, any CCVs entered during that time could have theoretically been intercepted.

Seems the stuff the hackers took isn't even current and is a database from 2007, so I highly doubt they were getting information in real time. This is the statement that Sony released today:

Quote:

Our ongoing investigation of illegal intrusions into Sony Online Entertainment systems has discovered that hackers may have obtained personal customer information from SOE systems. We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack. Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.

Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) and about 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain may have also been obtained. We will be notifying each of those customers promptly.

There is no evidence that our main credit card database was compromised. It is in a completely separate and secured environment.

[Logical]

Apparently this affects PC gamers with accounts for games such as the Everquest series and DC universe.

[Ninja Prime]

Quote:

Originally Posted by Bah!

Seems the stuff the hackers took isn't even current and is a database from 2007, so I highly doubt they were getting information in real time. This is the statement that Sony released today:

I heard that was another hacking? Let me see if I can find the story...

Edit: http://arstechnica.com/gaming/news/2...red-stolen.ars

Seems to say that it was a new, seperate attack on SOE, different from the PSN one. I don't know which is the actual truth though. Would make sense though.

[Bman212121]

So is PSN back up then? Is it safe to change your password?

[ViN86]

Quote:

Originally Posted by Bman212121

So is PSN back up then? Is it safe to change your password?

Still can't login and still says invalid security certificate.

http://us.playstation.com/psn/

[HiCZoK4]

Its still down?! I dont own a ps3 but Ive heard it was hacked like 2 weeks ago... wooow thats huge. They will proboably give free psn+ month or free game to download

[Bah!]

Apparently it's going to be down until the end of the month, or at least parts of it. What a mess.

[Ninja Prime]

So the plot thickens:

http://www.wired.com/threatlevel/2011/04/trixter/

http://www.eurogamer.net/articles/20...nown-for-years

And appearantly when the SHTF it splatters far:

http://www.joystiq.com/2011/05/09/ps...f-not-million/

Sucks.