EPTPrivate PSN and SOE Info Has Been Stolen including CC #s -…
| Forum Index > General Forum |
|
OTIX
Sweden491 Posts
| ||
|
Zato-1
Chile4253 Posts
On May 03 2011 21:13 zeru wrote: Since I still play planetside ill guess ill be on the safe side and keep checking CC transaction logs every now and then. I updated the OP- yes, you should definitely be wary of any account and credit or debit cards you may have associated with Planetside or any other Sony Online Entertainment (SOE) game. Originally Sony claimed only PSN account related data was stolen, but they recently discovered that SOE account data was also compromised. | ||
|
zeru
8156 Posts
| ||
|
Arnstein
Norway3381 Posts
| ||
|
goiflin
Canada1218 Posts
On May 10 2011 20:08 Arnstein wrote: Isn't it just to falsely comfort yourself to say that this is all Sony's fault and that this can't happen elsewhere? Stuff like this can happen to every site that exists. The difference here is that the vast majority of sites that handle credit card information encrypt all of their information, not just some of it. A massive company that handles millions of transactions should have equally massive security measures, and there's nothing pointing towards sony actually having good security measures. | ||
|
Arnstein
Norway3381 Posts
On May 10 2011 22:21 goiflin wrote: The difference here is that the vast majority of sites that handle credit card information encrypt all of their information, not just some of it. A massive company that handles millions of transactions should have equally massive security measures, and there's nothing pointing towards sony actually having good security measures. All my friends that work with internet security says that Sony doesn't have any worse encryption than what's normal. | ||
|
trainRiderJ
United States615 Posts
On May 12 2011 01:39 Arnstein wrote: All my friends that work with internet security says that Sony doesn't have any worse encryption than what's normal. How would your friends who work with "internet security" even know this? That sort of thing isn't made public (except in the case where you are annihilated by hackers and information gets out). | ||
|
DamnTasty
Netherlands28 Posts
On May 12 2011 01:39 Arnstein wrote: Show nested quote + All my friends that work with internet security says that Sony doesn't have any worse encryption than what's normal. How would your friends who work with "internet security" even know this? That sort of thing isn't made public (except in the case where you are annihilated by hackers and information gets out). What is the actual source that everything was/wasn't encrypted? There's lots of rumours but nothing really tangible, so far as I can see they just had a security breach. | ||
|
mitchimitch
18 Posts
Most good solo or organized hackers could probably steal whatever they want or get into any server they want, but most of the time its just not worth it, like the millions CC # that got stolen from Sony, there was people saying that the list was selling for what 100 000$ ? that's really not a whole lot of money considering the risk (and considering if you have to split it 10 way or whatever). Unless you get to steal national/security or spy business plans and stuff like that and basically turn into a traitor/terrorist and sell it to other country/company for millions there's probably not much to be gained in hacking other then publicity and wanting to pass a message. that is only my opinion tho. | ||
|
Ighox
Norway580 Posts
Hopefully SOE follows and everything returns to normal. | ||
|
Th0R
Canada359 Posts
| ||
|
Arnstein
Norway3381 Posts
| ||
|
Arco
United States2090 Posts
| ||
TheYango
United States47024 Posts
On May 12 2011 01:43 DamnTasty wrote: What is the actual source that everything was/wasn't encrypted? There's lots of rumours but nothing really tangible, so far as I can see they just had a security breach. Did you read the OP? Sony made a post on their own blog about how non-credit card personal data was not encrypted. | ||
|
Fruscainte
4596 Posts
Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks? What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it. God damnit Sony. I'm so glad I don't own their systems, I really feel sorry for you owners. | ||
|
DisneylandSC
Netherlands435 Posts
On June 04 2011 09:22 Fruscainte wrote: God damnit Sony. I'm so glad I don't own their systems, I really feel sorry for you owners. Wow, I also read that this morning on some news sites. SQL-injections is like one of the standard things to protect against when you build databases, its programming 101. Furthermore storing passwords etc as plain text is just beyond stupid. It seems Sony really doesn't care about it's customers. Enough reasons for me never to buy any of their products ever again. Besides that LulzSec supposedly also stole a huge amount of music codes / coupons. | ||
| ||
