This latest discovery makes no sense to me. Why would they even have a database of old payment information stored? Why would it take over two weeks to discover that they had been compromised when Sony claims to have Top Men on the case? And why were the hackers able to access these specific CC numbers but not the millions of current ones? Was this old db just lying around on the network, forgotten and unsecured? Makes no sense.

Zato-1

Chile4253 Posts

May 03 2011 14:10 GMT

#402

On May 03 2011 21:13 zeru wrote:

Show nested quote +

Since I still play planetside ill guess ill be on the safe side and keep checking CC transaction logs every now and then.

I updated the OP- yes, you should definitely be wary of any account and credit or debit cards you may have associated with Planetside or any other Sony Online Entertainment (SOE) game. Originally Sony claimed only PSN account related data was stolen, but they recently discovered that SOE account data was also compromised.

zeru

8156 Posts

May 03 2011 14:18 GMT

#403

--- Nuked ---

Arnstein

Norway3381 Posts

May 10 2011 11:08 GMT

#404

Isn't it just to falsely comfort yourself to say that this is all Sony's fault and that this can't happen elsewhere? Stuff like this can happen to every site that exists.

goiflin

Canada1218 Posts

May 10 2011 13:21 GMT

#405

On May 10 2011 20:08 Arnstein wrote:
Isn't it just to falsely comfort yourself to say that this is all Sony's fault and that this can't happen elsewhere? Stuff like this can happen to every site that exists.

The difference here is that the vast majority of sites that handle credit card information encrypt all of their information, not just some of it.

A massive company that handles millions of transactions should have equally massive security measures, and there's nothing pointing towards sony actually having good security measures.

Arnstein

Norway3381 Posts

May 11 2011 16:39 GMT

#406

On May 10 2011 22:21 goiflin wrote:

Show nested quote +

All my friends that work with internet security says that Sony doesn't have any worse encryption than what's normal.

trainRiderJ

United States615 Posts

May 11 2011 16:41 GMT

#407

On May 12 2011 01:39 Arnstein wrote:

Show nested quote +

All my friends that work with internet security says that Sony doesn't have any worse encryption than what's normal.

How would your friends who work with "internet security" even know this? That sort of thing isn't made public (except in the case where you are annihilated by hackers and information gets out).

DamnTasty

Netherlands28 Posts

May 11 2011 16:43 GMT

#408

On May 12 2011 01:39 Arnstein wrote:
Show nested quote +

All my friends that work with internet security says that Sony doesn't have any worse encryption than what's normal.

How would your friends who work with "internet security" even know this? That sort of thing isn't made public (except in the case where you are annihilated by hackers and information gets out).

What is the actual source that everything was/wasn't encrypted? There's lots of rumours but nothing really tangible, so far as I can see they just had a security breach.

mitchimitch

18 Posts

May 11 2011 16:46 GMT

#409

i think people just started thinking that the info wasn't encrypted simply because Sony was able to get hacked and leaked all the info, when really most people really have no idea of what hackers could do to any other company who has ''standard'' security, which would be equivalent to Sony's like Arnstein mentioned.

Most good solo or organized hackers could probably steal whatever they want or get into any server they want, but most of the time its just not worth it, like the millions CC # that got stolen from Sony, there was people saying that the list was selling for what 100 000$ ? that's really not a whole lot of money considering the risk (and considering if you have to split it 10 way or whatever).

Unless you get to steal national/security or spy business plans and stuff like that and basically turn into a traitor/terrorist and sell it to other country/company for millions there's probably not much to be gained in hacking other then publicity and wanting to pass a message.

that is only my opinion tho.

Ighox

Norway580 Posts

May 12 2011 16:55 GMT

#410

Looks like PSN might be back up soon.
Hopefully SOE follows and everything returns to normal.

Th0R

Canada359 Posts

May 14 2011 20:20 GMT

#411

PSN is suppose to be back up around May 31st but Sony wants it to be sooner

Arnstein

Norway3381 Posts

May 16 2011 07:20 GMT

#412

It's back now.

Arco

United States2090 Posts

May 16 2011 08:20 GMT

#413

SOE is back up as well, 45 days are added to every game you've ever owned for from them. It begins when you login game the first time.

TheYango

United States47024 Posts

May 16 2011 10:01 GMT

#414

On May 12 2011 01:43 DamnTasty wrote:
What is the actual source that everything was/wasn't encrypted? There's lots of rumours but nothing really tangible, so far as I can see they just had a security breach.

Did you read the OP? Sony made a post on their own blog about how non-credit card personal data was not encrypted.

Fruscainte

4596 Posts

June 04 2011 00:22 GMT

#415

Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks? What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it.

God damnit Sony.

I'm so glad I don't own their systems, I really feel sorry for you owners.

DisneylandSC

Netherlands435 Posts

June 04 2011 00:39 GMT

#416

On June 04 2011 09:22 Fruscainte wrote:

Show nested quote +

God damnit Sony.

I'm so glad I don't own their systems, I really feel sorry for you owners.

Wow, I also read that this morning on some news sites. SQL-injections is like one of the standard things to protect against when you build databases, its programming 101. Furthermore storing passwords etc as plain text is just beyond stupid. It seems Sony really doesn't care about it's customers. Enough reasons for me never to buy any of their products ever again.

Besides that LulzSec supposedly also stole a huge amount of music codes / coupons.

Prev 1 19 20 21 All

Please or register to reply.

Live Events Refresh