The Sony Playstation Network has been offline for about a week now. I'm posting a new thread because there's been an important development which warrants its own thread:
All your information including "name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID" have been stolen, as well as, possibly, "profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers".
Finally, "(...) we are advising you that your credit card number (excluding security code) and expiration date may have been obtained"
Basically, there's a catastrophic security crisis going on with the PS3's Playstation Network, which has compromised data for 77 million user accounts. There is still no ETA for resumption of PSN services. All of the quoted text comes directly from Sony, btw, so you can be sure this isn't just some third party speculating on the issue.
UPDATE #3: In its ongoing investigations over the april PSN Security breach, Sony discovered that "older credit card numbers and expiration dates from a 2007 database may have been compromised". 24.6 million SOE accounts may have been breached, including 12,700 non-US credit or debit card numbers as well as about 10,700 direct debit records. This means you should be concerned for your account and any credit or debit card you may have associated to SOE games such as EverQuest, EverQuest II, The Matrix Online, PlanetSide, Star Wars Galaxies, Free Realms, Vanguard: Saga of Heroes, and DC Universe Online. This is not a second attack, this is just more damage reports from the original attack: Joystiq article Ars technica article + Show Spoiler [original text of update #3] +
On May 03 2011 07:24 godemperor wrote: There is NO second attack! New info from Sony:
This information, which was discovered by engineers and security consultants reviewing SOE systems, showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007. The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain.
On May 03 2011 08:14 godemperor wrote: From what I gathered, there was an attack on PSN and SOE in April. Sony realized that there was an attack on PSN and shut it down for "maintainance". Last night there Sony shut down SOE servers and soon after there were reports that 12,000 CC numbers were stolen. It is now revealed that the 12000 CC numbers were form the first attack.
From what I gathered, they stored everything as plain-text.
As a developer this makes me facepalm on so many levels.
I'll be interested to see what the implications are for Sony internationally, given that here in the UK we have this little thing called the Data Protection Act which REQUIRES you to store sensitive data encrypted.
I just finished calling my credit card company to cancel my card. Thankfully I'm paranoid and use a different password for just about everything and my psn password was unique, but all that personal info is just floating out there now. Soooo annoying.
I'm SO fucking pissed. Sony THEMSELVES didn't even announce this! I HAD TO FIND OUT FROM A BLOG SITE. So unacceptable =\ And of course now my information is up for grabs. FUCK.
On April 27 2011 21:40 Synystyr wrote: I'm SO fucking pissed. Sony THEMSELVES didn't even announce this! I HAD TO FIND OUT FROM A BLOG SITE. So unacceptable =\ And of course now my information is up for grabs. FUCK.
EPT
