Jump to content
Can't remember your login details? Read more... ×
morris

[PS3, PSP] PSN users - your data has been compromised

Recommended Posts

Update:

 

http://www.infosecurity-us.com/view/17753/...-customer-data/

 

Sony hires investigators after hack of customer data

04 May 2011

 

Sony has hired a team of investigators after the personal information of over 100 million Sony gamers was compromised in hacker attacks on two online services.

The company's PlayStation Network and Online Entertainment service have been suspended until security around users' information is improved, which Sony hopes will be by the end of May.

Sony has brought in investigators from Guidance Software and Data Forte, according to the BBC.

Sony database provider Oracle and the FBI are also looking into the data breaches, according to reports.

After Sony admitted the personal details of 77 million PlayStation Network members had been compromised by hacking attacks, a week later Sony warned almost 25 million users of its Online Entertainment service were similarly affected by hacker attacks in April.

Personal information including names, e-mail addresses, home addresses, gender, date of birth, login name, phone numbers and hashed passwords are at risk.

Sony says credit card information of PlayStation Network users may have been accessed by hackers, but the data was encrypted and did not include security codes.

The firm says there is no evidence the main credit card database for its Online Entertainment service was compromised.

However, Sony revealed that a database from 2007 was compromised, exposing more than 12,000 debit and credit card numbers and more than 10,000 debit transaction records from Germany, Austria, Spain and the Netherlands.

Despite the immediate concern about credit card fraud, identity theft is of greater concern in the long term, says the San Francisco Chronicle.

The paper cites security experts who say the value of stolen credit card numbers diminishes each day after a data breach becomes known as users and bank-card issuers step up monitoring, but the personal details stolen could be used for years to commit other fraud.

 

This story was first published by Computer Weekly

 

 

If it's the End of May... SONY and SOE are stuffed.

 

Looking for conformation....

 

Edit: From here http://blog.eu.playstation.com/2011/05/07/...ystation.com%29

 

Posted on 7 May by Nick Caplin – Head of Communications, SCEE

Service Restoration Update

Countries: AE, AU, GB, IE, NZ

As you may know, we’ve begun the process of restoring the service through internal testing of the new system. We’re still working to confirm the security of the network infrastructure, as well as working with a variety of outside entities to confirm with them of the security of the system. Verifying the system security is vital for the process of restoration. Additional comprehensive system checks and testing are still required, and we must complete that process before bringing the systems online.

As you’ve heard us say, our utmost priorities are the security of the network and ensuring your data is safe. We won’t restore the services until we can test the system’s strength in these respects.

When we held the press conference in Japan last week, based on what we knew, we expected to have the services online within a week. We were unaware of the extent of the attack on Sony Online Entertainment servers, and we are taking this opportunity to conduct further testing of the incredibly complex system. We know many of you are wanting to play games online, chat with your friends and enjoy all of the services PlayStation Network and Qriocity services have to offer, and trust me when I say we’re doing everything we can to make it happen. We will update you with more information as soon as we have it. We apologize for the delay and inconvenience of this network outage.

 

So that says: "When we said a week - that was before we knew how bad the problem was."

Edited by gyrus

Share this post


Link to post
Share on other sites

According to this thread over http://forums.atomicmpc.com.au/index.php?s...try846345"</a&gt'>here, lastpass may have been hacked.

 

*EDIT* D'oh! Looks like Maxxie already posted it.

It got me thinking, maybe they hacked the Sony systems, and then gave it a few weeks for people to start taking up Lastpass seeing as it's a very popular solution for password management and this sort of breach is very good promotion for such services. Then their aim was to then try to hit the jackpot one more time by hacking into Lastpass and stealing a chunk of their database. Considering the majority of internet users have very sloppy password management the chances of a high percent having a short brute force crackable master password would be quite high. I certainly wouldn't put it past these criminals who have proven to be extremely methodical and well organised to pull off such a heist when we take into account what they managed to do to Sony.

 

PSN is still down here in Norway.

Edited by smakme7757

Share this post


Link to post
Share on other sites

Maybe it's time for biometric or hardware tokens.

Share this post


Link to post
Share on other sites

Free games for all of my friends!

 

http://www.eurogamer.net/articles/2011-05-...-two-free-games

 

Sony is going to offer PSN users two free games in the wake of last month's widely-publicised security breach.

 

A post on the European PlayStation Blog by communications chief Nick Caplin explained that both PlayStation 3 and PSP owners will get to choose from a short list of titles, though didn't specify which games will be included.

Share this post


Link to post
Share on other sites

Free games for all of my friends!

 

http://www.eurogamer.net/articles/2011-05-...-two-free-games

 

Sony is going to offer PSN users two free games in the wake of last month's widely-publicised security breach.

 

A post on the European PlayStation Blog by communications chief Nick Caplin explained that both PlayStation 3 and PSP owners will get to choose from a short list of titles, though didn't specify which games will be included.

My guess is they will either be, a, shit, or b, old or c, games I already own. SOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO happy that I built my new pc a few weeks before the PSN went down.

Share this post


Link to post
Share on other sites

Free games for all of my friends!

 

http://www.eurogamer.net/articles/2011-05-...-two-free-games

 

Sony is going to offer PSN users two free games in the wake of last month's widely-publicised security breach.

 

A post on the European PlayStation Blog by communications chief Nick Caplin explained that both PlayStation 3 and PSP owners will get to choose from a short list of titles, though didn't specify which games will be included.

My guess is they will either be, a, shit, or b, old or c, games I already own. SOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO happy that I built my new pc a few weeks before the PSN went down.

 

Um I have 3 separate PSN accounts under 3 diff names and 3 diff regions,

Jap

Us

AUs

I got 3 different emails notifying me about the account compromise (one in Japanese lol)

does that mean i get 6games?

Share this post


Link to post
Share on other sites

From worse to fucking-terrible;

http://www.theaustralian.com.au/australian...x-1226052523068

SONY has suffered a third data breach with revelations of details of customers who entered a product sweepstake being discovered on the internet.

 

And in a blog post on the company's website, Sony's Senior Director, Corporate Communications and Social Media, Patrick Seybold said its online entertainment arm had been unaware of the extent of the hacking of its site, first revealed a week ago.

 

Sony said the finding of the names online meant that about 2,500 customers' names and partial addresses had been stolen by hackers.

Share this post


Link to post
Share on other sites

From Kotaku.com.au; "The PSN May Not Be 100% Back Until May 31"

The PlayStation Network has been down for a while now. We’ve been warned that it may be down for a little while longer. Now Sony says it could be weeks still before the PSN is fully operational.

 

Sony’s Shigenori Yoshida has told Bloomberg that his company’s deadline for the full return of all PlayStation Network services is May 31. The PSN went down on April 20.

 

While you’d assume/hope that signing into the network and playing games online are the first things to come back up, Yoshida says that Sony is “uncertain” when the PSN will actually get back up and running.

Share this post


Link to post
Share on other sites

Oooh that reminds me that I have 3 PSN accounts too. Only one had my credit card details though, but I assume that means PSN Plus for each of them for a month!

 

 

Back in April there was a rumour that the PSN could be down for a month. Looks like the rumour was closer to the truth than expected.

Share this post


Link to post
Share on other sites

Ouch. That means a lot of irate gamers on PSN once it starts again... >>

 

Luckily, I've been enjoying my PC games a lot more :)

Share this post


Link to post
Share on other sites

May 12, 2011

We thank you for your patience as we continue to work around the clock to restore our game services. We know this has been a frustrating time for you and appreciate your understanding as we work to confirm the security of our network.

 

In light of the recent outage of Sony Online Entertainment's game services due to April's cyber-attack, we are committed to compensating our loyal player base for the inconvenience caused by the data breach and lost game time while we improve our security measures.

 

We are currently in the process of an extensive upgrade to our network to further protect your information from future attacks. It will likely be at least a few more days before we restore our services, and when we come back online, here is what you can expect for each of our game services.

 

First and foremost, all impacted players will receive 30 days of game time added to the end of the current billing cycle in addition to one day for each day the system is down. Additionally, many games are offering a variety of in-game items and special events to welcome players back once our services resume (per the outline below). This is true for both PC and PlayStation®3 computer entertainment system based products.

 

* DC Universe™ Online: Batman™ and Two-Face™ Inspired Masks and 30 Marks of Distinction

* Free Realms®: Free daily items (7 to collect)

* Clone Wars Adventures™: Count Dooku v2 Outfit

* EverQuest®: A series of events, including Double XP, Double Rare Mob Spawns and Double Faction Gains

* EverQuest II and EverQuest II Extended: A series of events, including Double XP, Double Guild XP, Loot Bonanza, and City Festivals

* Vanguard: Saga of Heroes®: A series of Double XP events

* Star Wars Galaxies™: Bounty Hunter Statue, a miniature model of Boba Fett's ship, the Slave I™

* Magic: The Gathering - Tactics™: Four of each of these spells: "Ivory Mask", "Duress" and "Angelheart Vial", plus 500 Station Cash

* PoxNora®: Limited edition Carrionling, Welcome Back 5K Gold Award Tournaments and two Draft Tournaments, plus 500 Station Cash

 

 

For our lifetime subscribers, we'll grant in-game currency; specifically 20,000 coins for Free Realms, 7,500 Galactic Credits for Clone Wars Adventures and 10 Marks of Distinction for DC Universe Online (in addition to the items listed above).

 

And finally, our Station Access subscribers will receive 500 Station Cash, in addition to the subscription time and items listed above.

 

Additionally, we announced today that SOE will provide its U.S.-based Station Account holders with complimentary enrollment in an identity theft protection program through Debix, one of the industry's most reputable identity protection firms. For Station Account holders who live outside the U.S., SOE will be offering similar programs, if and as available, and will provide details as they're confirmed for each country or territory.

 

We continue to work around the clock to restore SOE's services and thank you for your continued patience as we complete our investigation of this criminal attack.

 

Thank you,

Sony Online Entertainment

 

 

Hmmm - I dabbled with Pox Nora a while ago... wonder if my account is still there?

Share this post


Link to post
Share on other sites

http://www.soe.com/securityupdate/restorationannouncement.vm

Services Return Following Implementation of Increased Security Measures; Consumer Data Protection a Full-Time, Company-Wide Commitment

SAN DIEGO, May 14, 2011 - Sony Online Entertainment LLC (SOE) announced today that restoration of its game services will begin today. The phased restoration will include the return of nearly all of SOE's portfolio of online games, the reinstatement of SOE's game forums and websites, and added functionality to require players to reset their passwords.

 

Increased Security Measures

As the result of a criminal cyber-attack on the company's network, SOE shut down its game services in order for the company to undertake an investigation and incorporate rigorous enhancements to the overall security of the network infrastructure. SOE worked with several outside respected security firms during the course of implementing significant security measures that strengthen safeguards against unauthorized activity and provide customers with greater protection of their personal information.

 

SOE made enhancements to overall data security as well, including updating and adding advanced security technologies, additional software monitoring, performing new penetration and vulnerability testing, and increased levels of encryption.

 

"Our main priority is the safety and security of our customers' personal information," said Kazuo Hirai, Executive Deputy President, Sony Corporation. "We are making consumer data protection a full-time, company-wide commitment, and have applied enhanced security technologies so that our customers can feel protected and confident about playing our games."

 

Hirai added, "We are committed to delivering secure and entertaining games for players of all ages and thank each of our players for their patience and support during this difficult time."

 

SOE will also be offering its customers a "Welcome Back" program that includes special game content and services to all registered Station Account holders. As part of this program, players will receive 30 days of additional game time plus one day for each day SOE's services were down. The details of this program are available at www.soe.com/securityupdate/welcomeback.

 

For more information about the SOE network intrusion and restoration, please visit http://www.soe.com/securityupdate.

 

So... now we get to see how badly this hurt them.

 

Although we probably wont see any real data on how many players never came back for months.

Share this post


Link to post
Share on other sites

Just installed the system update but the network is still down. Apparently it will be back up in 2 to 3 hours. Bout fucking time. Not that I care that much myself, ever since I built my new pc consoles haven't interested me in the slightest, but I can imagine how much people who game solely on PS3 would be hurting by now.

Share this post


Link to post
Share on other sites

So its nearly back up? Any word on the free games being offered yet? I'm about to uninstall my CFW and go back to the OFW for the impending release of LA Noire

Share this post


Link to post
Share on other sites

I just woke up from a nap and went to see if it was online yet. It isn't. I haven't seen anything about the free games, but I haven't been looking.

Share this post


Link to post
Share on other sites

The PSN service for Australia is coming back up today, according to Kotaku.com.au!

 

It's going up and down at the moment apparently, but hopefully by tonight it should be up and stable. :)

Share this post


Link to post
Share on other sites

Hooray, PSN is coming back to life

 

Lucky I had my PC to help me when I needed a game

 

We should hunt down these hackers and burn them at the stake, and Sony needs to take a long hard look at themselves for letting this happen in the first place.

 

Bad security is BAD!

Share this post


Link to post
Share on other sites

Tried just before I left the house (I'm currently on the train to work) and it was still down for maintenance.

Share this post


Link to post
Share on other sites

Apparently it was up, but they took it down again to clear the back log of people trying to update their shit and change their passwords.

Either way, it should be up and running some time in between now and tomorrow night I'd say.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×