http://ps3.ign.com/articles/116/1164186p1.html

So it seems the worst has been confirmed.

I do believe it is time to hide yo kids, hide yo wife, and hide yo credit card cuz they stealin' errbody's info.

Ayep.

Fuck.

I'm calling my big sister... her son bought games via PSN a while back, gotta make sure she didn't loan him her credit card.

Annnnnd I just bought myself a PSP and downloaded a PSX game for it just two weeks ago.

So now what, call the bank/credit card company and let them know?

It's probably too late to delete my info from the account?

...oh wait, I can't even log on to do that. Great.

This is seriously not okay.

And now no one can bitch about paying for Xbox Live, because now you'll be paying for PSN too :D

Seriously though, Sony's in deep shit if credit card numbers were indeed taken. I hope no one actually gets their numbers fucked with. Check those charges!

Huh.

Welp... time to call the bank and change all my passwords. Thanks Sony.

Sent from my Eris using Tapatalk

They said there is no evidence that credit card info has been stolen, but they haven't ruled it out yet, so better to be safe than sorry. I used a debit card or PSN card for all my purchases, so I don't have to worry about some ass trying to run up my bill, but I will be monitoring my account for the next few months for purchases.

They do have other info such as passwords, security questions, address, email, phone number, etc. though, so be wary. And be sure to change all your passwords and whatnot as soon as it goes back online.

http://ps3.ign.com/articles/116/1164186p1.html

So it seems the worst has been confirmed.

I do believe it is time to hide yo kids, hide yo wife, and hide yo credit card cuz they stealin' errbody's info.

Lol! I want a tshirt with him saying that line. :D But, in all seriousness this is a huge ass mess. Now I really don't mind paying $60 for XBLA. Closed systems have their advantages.

Here is the OFFICIAL page and statement from Sony.

http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/

Valued PlayStation Network/Qriocity Customer:
We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:

1.Temporarily turned off PlayStation Network and Qriocity services;
2.Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
3.Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.
We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:

U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.

We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.

Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions.

Sincerely,
Sony Computer Entertainment and Sony Network Entertainment

looks like 12/21/12 got here a year and a half early :(

I used both my Money Mastercard (credit/debit linked to checking) and my AMEX Gold on PSN. I am not concerned about AMEX, because I know they will just remove the charges. I am, however, worried about my debit card because, like you, I don't have a lot of money, but they do let me go up to -$500 with fees attached to every debit/credit under $0. I'd pay more in fees then the hackers get in products!


They said there is no evidence that credit card info has been stolen, but they haven't ruled it out yet, so better to be safe than sorry. I used a debit card or PSN card for all my purchases, so I don't have to worry about some ass trying to run up my bill, but I will be monitoring my account for the next few months for purchases.

They do have other info such as passwords, security questions, address, email, phone number, etc. though, so be wary. And be sure to change all your passwords and whatnot as soon as it goes back online.

The fact that it took Sony nearly a week to inform customers that our info has been stolen is unacceptable. They were just trying to cover their ass over the whole thing until yesterday the psx-scene rumors went mainstream. People started to realize what really happened, and Sony finally came clean to an extent. You can be assured that your credit card info was taken as well, they just aren't admitting it yet.

I will only give them credit for taking their system offline... but if you believe the psx-scene take, Sony only did so after people figured out how to obtain all PSN content for free, not because user info was at risk. That was apparently already compromised.

They do have other info such as passwords, security questions, address, email, phone number, etc. though, so be wary. And be sure to change all your passwords and whatnot as soon as it goes back online.

Thankfully, I only use PSN prepaid cards to purchase from the store. But I will still change my PSN password.

:puppydogeyes: Oh goody :(

People are reporting bank accounts being emptied on Kotaku. I sincerely hope it's just bullshit.

What a fuck up.

Thank god hackers love Microsoft and would never hack the Xb...oh wait.

People are reporting bank accounts being emptied on Kotaku. I sincerely hope it's just bullshit.

What a fuck up.

Thank god hackers love Microsoft and would never hack the Xb...oh wait.

But how? Only way I can imagine is having one of those debit/credit card tied to the bank account.

But how? Only way I can imagine is having one of those debit/credit card tied to the bank account.

You can use your debit card on PSN (and most online stores). Bad, bad idea....but if some idiot can't get a credit card, they probably (at least) have a debit card.

They said there is no evidence that credit card info has been stolen, but they haven't ruled it out yet, so better to be safe than sorry. I used a debit card or PSN card for all my purchases, so I don't have to worry about some ass trying to run up my bill, but I will be monitoring my account for the next few months for purchases.

You don't have to worry?

You're worse off if you used your debit card instead of a credit card...

I have my debit info stored on PSN, bought over $400 worth of stuff. Im not even worried. Anon isnt after me... Aint even mad. :popcorn:

The first two posts made me laugh.

But yeah, damn you Sony, and damn you self-entitled hackers.

Thankfully, I only use PSN prepaid cards to purchase from the store.

Same here, I never trusted Sony with my credit card on the PSN.

I'm pretty sure I never entered my CC info into PSN, because I have never bought anything. Lets hope not.. :|

It's been so long since I used PSN that I don't even remember what information I have on there. Since I can't even log into the site to check, now I have to change every goddamn password and keep an even closer eye on my statements.

Thanks Sony, thanks a lot.

People are reporting bank accounts being emptied on Kotaku. I sincerely hope it's just bullshit.

If it's coming from Kotaku users, then it's more than likely bullshit, I haven't heard anything like that anywhere else.


Thanks Sony, thanks a lot.

Blame the hackers, not Sony. It was a complete dick move for Sony to hold the information for however long, but it's not their fault that people decided to hack them over whatever bullshit vendetta they have against them.

@kaedesdisciple Your location made me laugh

Phew! That was a close one. Good thing this'll only affect the 3 or 4 people who actually use PSN.

Hey Geohot, ARE YOU STILL FEELING SMUG, YOU ASSHOLE?

(I know he's not behind this - but I can't help but feel his stupid exploits had a hand in this.)

I really fail to see the problem with a company executing the appropriate due diligence and bringing in a security firm to investigate a breach before disclosing anything to the public.

Where is the evidence that Sony held off on reporting this news to us any longer than protocol dictated? Do we have a point of reference where a company as big as Sony with as many consumers affected immediately reported a security breach to all that were affected?

My health insurance company suffered a similar hack last year. Hundreds of thousands users' sensitive information was compromised - and from what I understand in the paperwork that they sent me they didn't alert members the exact day that the compromise was detected, it was at least a week before an official statement was issued to members in that case. This just seems to be the way these things go down.

We wait, when presented with the opportunity we change our passwords, we keep track of our credit card records/bank accounts, if necessary we contact our bank and request a card with a new number, we stay smart and we move on.

Whether you like Sony or not, whether you're opposed to their corporate culture or not, you simply can not lose sight of the fact that hackers are the people specifically responsible for doing this to us.

While I'm completely paranoid about this sort of thing, I have been reminding myself about the fact that the hackers probably have a ton of data and it is unlikely that all of it will be used, I'm still taking precautions.

One thing I do hope is that Sony actually deletes billing information once you delete it from your profile. I had been doing this for a while now so I can only hope it paid off. Due to my pessimism and distrust for Sony after this though, I'm thinking this is not true.

Sadly, the only way to know for sure what data was stolen is if and when it gets posted somewhere.


Blame the hackers, not Sony. It was a complete dick move for Sony to hold the information for however long, but it's not their fault that people decided to hack them over whatever bullshit vendetta they have against them.

While the hackers definitely deserve some blame, Sony is not completely blameless. From a security standpoint, Sony has the responsibility to protect your data. If they really need to know so much about you, they better keep it as private as possible and protect it from theft.

I think the card I had on file expired a year or so ago. I could be wrong though.

They've admitted that their customer info has been accessed, excluding street address and credit card. That means whoever compromised the system accessed names, general address information, birth dates, and other useful marketing data.

Forget Nintendo and their mystery box, I can't wait to hear what Sony has to say at this year's E3!!!

While the hackers definitely deserve some blame, Sony is not completely blameless. From a security standpoint, Sony has the responsibility to protect your data. If they really need to know so much about you, they better keep it as private as possible and protect it from theft.

From a security standpoint, this could happen to just about any company and even banks. As much as people would like to believe, our information isn't nearly as safe and confidential as we'd all like to think. Identity theft, credit card fraud, unauthorized transactions...all of this and more could happen to you at your local Wal-Mart with just the swipe of a credit card,

Hell, your credit card can be copied when using the ATM right outside your Bank, these crooks have been putting their own cameras in them to get your pin number and put their own card readers right over the ATM's so it reads it as you're sliding it into what should be the most secure place to get your money.

I'm not saying Sony isn't completely blameless, but people are acting like this is the first time that anything like this has ever happened, when in reality it probably just happened to them at the drive thru at BK.

I've just spent about 2 hours changing every online account password I've got that I can think of - more than 40 accounts I've remembered and changed so far. (After almost 20 years of ignoring the universal security advice to not use the same login/password for every account, I'm finally bitten in the ass.)

I've only ever made one purchase on PSN so far, but it was recent. I chose to have the network NOT remember my credit card info. IF the system disregarded that and stored my CC info anyway I suppose I might be in trouble, but hopefully not.

This is certainly a pain, but life happens.

And now, to bed.

Saw this on SonicRetro and figured I'd pass it on here.

Originally posted by GerbilSoft of SonicRetro:

As mentioned in IRC: http://psx-scene.com/forums/f177/sony-has-...s-spying-81093/ (http://psx-scene.com/forums/f177/sony-has-been-bad-boy-ridiculous-levels-spying-81093/)

*Credit card sent as plain text, example: creditCard.paymentMethodId=VISA&creditCard.holderN ame=Max&creditCard.cardNumber=4558254723658741&cre ditCard.expireYear=2012&creditCard.expireMonth=2&c reditCard.securityCode=214&creditCard.address.addr ess1=example street%2024%20&creditCard.address.city=city1%20&cr editCard.address.province=abc%20&creditCard.addres s.postalCode=12345%20
So not only is it stored unencrypted locally, it's *transmitted* unencrypted over the Internet. This is a lawsuit waiting to happen.
SOURCE (http://forums.sonicretro.org/index.php?s=&showtopic=23939&view=findpost&p=582091)




*Insert Facepalm Image Here*

Saw this on SonicRetro and figured I'd pass it on here.

Originally posted by GerbilSoft of SonicRetro:

SOURCE (http://forums.sonicretro.org/index.php?s=&showtopic=23939&view=findpost&p=582091)




*Insert Facepalm Image Here*

Goddammit, Sony.

And Frankie? Just because your insurance company also fucking sucks at taking care of their customers doesn't mean it's OK. Just saying.

Wait, I thought all the hacking stopped a week or so ago because the hackers realized they were hurting the users instead of solely Sony. Or is this simething else?

Wait, I thought all the hacking stopped a week or so ago because the hackers realized they were hurting the users instead of solely Sony. Or is this simething else?

We'll probably never know. Anonymous (the group that publicly attacked Sony) denies responsibility for this current clusterfuck, and they have a proud history of screaming their "achievements" to the world. On the other hand, Anon doesn't have any kind of hierarchy or actual structure (OR DO THEY?!?!?), so maybe they did do it. Either way, unless someone gets publicly arrested for this, it'll probably remain a mystery.

It takes SERIOUS BALLS to hack a company as big and as willing to level the Legal Big Guns as Sony though. I was thinking about that. There are thousands and thousands of other, smaller, less public companies out there that make far better targets for someone just after personal data for sale or use. Hitting Sony like this is robbing the biggest public bank in New York City in broad daylight and only taking the stamps.

Unless the person(s) who hacked Sony is much dumber or crazier than is likely, and keep in mind I engineer stuff for a living instead of solving crimes and need a FAQ when playing adventure games, I'd bet that the hack itself is still to make a point.

Or it was someone in China and they just don't care. :|

We'll probably never know. Anonymous (the group that publicly attacked Sony) denies responsibility for this current clusterfuck, and they have a proud history of screaming their "achievements" to the world. On the other hand, Anon doesn't have any kind of hierarchy or actual structure (OR DO THEY?!?!?), so maybe they did do it. Either way, unless someone gets publicly arrested for this, it'll probably remain a mystery.

It takes SERIOUS BALLS to hack a company as big and as willing to level the Legal Big Guns as Sony though. I was thinking about that. There are thousands and thousands of other, smaller, less public companies out there that make far better targets for someone just after personal data for sale or use. Hitting Sony like this is robbing the biggest public bank in New York City in broad daylight and only taking the stamps.

Unless the person(s) who hacked Sony is much dumber or crazier than is likely, and keep in mind I engineer stuff for a living instead of solving crimes and need a FAQ when playing adventure games, I'd bet that the hack itself is still to make a point.

Or it was someone in China and they just don't care. :|

I believe Anon started the attack before the Geohot case was settled. They backed off though when they figured it was just hurting users and not Sony.

Like you said though I doubt Anon has any real structure, so once the exploit found all the Anon members probably started poking around and then it just spread.....

I really fail to see the problem with a company executing the appropriate due diligence and bringing in a security firm to investigate a breach before disclosing anything to the public.

According to Sony they didn't really out till yesterday also:



There's a difference in timing between when we identified there was an intrusion and when we learned of consumers' data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident.

It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.

source: http://ps3.ign.com/articles/116/1164186p1.html

Goddammit, Sony.

And Frankie? Just because your insurance company also fucking sucks at taking care of their customers doesn't mean it's OK. Just saying.

While I strongly disagree that anybody other than registered PSN members and Sony should be counted as "victims" in this scenario, please don't put words in my mouth, I'm not saying anything in this situation is "okay".

For the record, I think it's fucked up, that all affected are currently suffering and inconvenienced until it is resolved, but ultimately that this shit happens - and my personal experience says that it is not the end of the world.

Many of us probably send sensitive personal and financial information through FAR less secure chanels that have simply never been the target of a focused attack by a hacker.

What I am doing is questioning people's expectations of protocol in a situation like this.

Everybody seems to be specifically "outraged" that Sony allegedly waited a week to make a public statement about compromised data.

Again, for all of those who have expressed frustration that a week is an inappropriate amount of time to wait, what do you have as a point of reference?

What says that Sony should have publicly reported compromised data the moment that there was any evidence of it (regardless of confirmation or official research)?

Is there a law on the books? If there is, can we see it?

Have we all universally experienced something like this as s community that was more swiftly reported on?

I don't think that this is nearly as simple as people are making it out to be, there are MILLIONS of members on the PSN, and likely BILLIONS of total points of data that need to be examined in a scenario like this ... to preemptively report on anything before a thorough investigation has been completed would to me seem just as irresponsible as waiting an inappropriate amount of time to do so.

I have thoughts about this, but I'm keeping them to myself. However, lulz@Sony's non-competence. Seriously, unencrypted transmittal and local storage? Fucking amateurs. :roll:

This video sums up my feelings on the PSN issues pretty well.

http://www.youtube.com/watch?v=Cwn4R_GexLM

This is why Nintendo doesn't do much in the way of online gaming. The "hardcore" folks think of that as a flaw, but maybe they're just being careful.

This is why Nintendo doesn't do much in the way of online gaming. The "hardcore" folks think of that as a flaw, but maybe they're just being careful.

"Online gaming"? Huh?

The issue is people buying things by entering their credit card info directly on their console. Something Nintendo and Microsoft offer too.

This is why Nintendo doesn't do much in the way of online gaming. The "hardcore" folks think of that as a flaw, but maybe they're just being careful.

So Nintendo should leave out a major console feature because they're "too careful" to practice proper security? (Or poor security, like Sony.)

Anyway, like heybtbm said, Nintendo does process credit cards on their systems.

been steady checking my credit card, and watching for spam or weird emails

I called my credit card company today and had them send me a new card. I'd rather not take a chance. I'm sure the spam is coming...

I'm glad I don't reuse passwords. I wonder if the passwords were plaintext or hashed.

For those concerned about Sony being fortcoming with their info,

here are some official answers from Sony to the most frequently asked questions about this friggin' fiasco:

http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/

And this Sony knowledge center page which also answers several key questions:

http://us.playstation.com/support/answer/index.htm?a_id=2356

A key point to note, according to Sony, all credit card info in their possession is and was encrypted and they have not uncovered any evidence that credit card data was compromised on their end.

Still, until the investigation is concluded, there's no reason not to protect yourself by getting a new card issued.

This episode and subsequent lawsuits will make the giant losses during the introduction of the PS3 look like chump change.

This episode and subsequent lawsuits will make the giant losses during the introduction of the PS3 look like chump change.

I think the first lawsuit will come from DC Universe online users. They have the most valid beef since their game is online only. I expect the DCUO community(both members) to sue with reckless abandon.

Man, it hasn't been a good year for Sony has it?

I think the first lawsuit will come from DC Universe online users. They have the most valid beef since their game is online only. I expect the DCUO community(both members) to sue with reckless abandon.

Hmm ... compromised data aside - other than the loss of 2-3 weeks subscription fees for DCUO (which can't be more than $20 and I'm sure SOE is prepared to credit), what reasons could they possibly sue for that would be worth the costs of legal fees and/or any judge would take seriously?

Personally, if I had a DCUO account I'd probably just call Sony and ask for a credit before filing a lawsuit.

And now there's a class action suit filed in California against Sony. Whether this will be of any use or not remains to be seen, but I'm certanily not surprised.

http://www.gamespot.com/news/6310468.html

Hmm ... compromised data aside - other than the loss of 2-3 weeks subscription fees for DCUO (which can't be more than $20 and I'm sure SOE is prepared to credit), what reasons could they possibly sue for that would be worth the costs of legal fees and/or any judge would take seriously?

Personally, if I had a DCUO account I'd probably just call Sony and ask for a credit before filing a lawsuit.

I'm in total agreement here. I fail to see what the point of a massve lawsuit would achieve. Sony screwed up, but they don't owe us anything beyond subscription reimbursements if we have any.

As a consumer I can decide whether or not to support Sony with my money. I believe that ultimately sends a stronger message than a cash-grab.

Agreed. A lawsuit would be stupid. A search for "credit card company hacked" on Google yields many results. I highly doubt there were massive lawsuits against those companies. People need to get over themselves and re-join reality...... We feel so entitled as a society.


I'm in total agreement here. I fail to see what the point of a massve lawsuit would achieve. Sony screwed up, but they don't owe us anything beyond subscription reimbursements if we have any.

As a consumer I can decide whether or not to support Sony with my money. I believe that ultimately sends a stronger message than a cash-grab.

I got the e-mail this morning from Sony about the breach. I haven't been on PSN in forever and a day so I don't remember what information I put on there but I certainly don't remember putting any CC info up. I wanted to go in and check what data I did put in but I can't remember where to go and I imagine it's still shut down anyway.

What about PS Go systems, aren't those a brick without PSN?

http://chzgifs.files.wordpress.com/2011/04/ohsonyp1.gif

So is PSN still down? I wouldn't know because that would require me to use it.

What about PS Go systems, aren't those a brick without PSN?

They function just fine, they don't need persistent connectivity but you cant buy any new stuff during the outage.

http://chzgifs.files.wordpress.com/2011/04/ohsonyp1.gif

So is PSN still down? I wouldn't know because that would require me to use it.

LOL

That made my morning. :)

http://chzgifs.files.wordpress.com/2011/04/ohsonyp1.gif

So is PSN still down? I wouldn't know because that would require me to use it.

http://i22.photobucket.com/albums/b328/FrankieViturello/220b858f.jpg

I Use prepaid cards so no credit card worries but i am worried about me & my brothers login info.
Thank God i don't use the same email login for facebook :p :)

Hmm ... compromised data aside - other than the loss of 2-3 weeks subscription fees for DCUO (which can't be more than $20 and I'm sure SOE is prepared to credit), what reasons could they possibly sue for that would be worth the costs of legal fees and/or any judge would take seriously?

Personally, if I had a DCUO account I'd probably just call Sony and ask for a credit before filing a lawsuit.

Even with Sony reimbursing them I'm fairly certain that some of them will atleast try to jump on the newly started class action lawsuit.

By the way, why are you pretending to be Mr. Sony PR in this thread? I'm pretty sure you don't work for Sony so you either have stock in the company or are letting your inner fanboy get the best of you. Remember Frankie, this outage/hacking crisis is "Sony's" problem, NOT yours. You don't have to defend them everytime someone says something negative or contrary to your own opinion about them...just saying.

You don't have to defend them everytime someone says something negative or contrary to your own opinion about them...just saying.

I'm pretty sure Frankie is being optimistic about the entire situation. I admit ,it's something to be admired...but at least I can't be so positive about situations like these.

Just today I had customers bitch about the situation and their lack of Black Ops. One purchased an Xbox because "Sony son unos hijos the puta" for what happened.

Honestly, I could not help but laugh.

Even with Sony reimbursing them I'm fairly certain that some of them will atleast try to jump on the newly started class action lawsuit.

By the way, why are you pretending to be Mr. Sony PR in this thread? I'm pretty sure you don't work for Sony so you either have stock in the company or are letting your inner fanboy get the best of you. Remember Frankie, this outage/hacking crisis is "Sony's" problem, NOT yours. You don't have to defend them everytime someone says something negative or contrary to your own opinion about them...just saying.

Heh.

Nope. I don't work for Sony and I don't own any stock.

Contrary to what some might think, I consider myself to be the diametric opposite of a fanboy. I go out of my way to invest my time and money in everything that every major company involved in this industry has to offer.

If it were Microsoft, Nintendo or Apple that had their servers hacked and data compromised I'd be equally frustrated by the sweeping, sensationalized, blanket vilification of the victimized corporation by gaming journalists and pretty decent segments of quote-unquote core gamers that Sony is taking right now.

I'm not trying to be contrarian it just so happens that I don't share the same opinion as those who think that Sony Computer Entertainment has some type of "human personification" and is an "evil entity" that "deserved" to be attacked by whoever is responsible for this. I don't feel that way about Nintendo or Microsoft either. I don't really share that strange psychological outlook that some gamers do where they assign "personalities" to major game companies.

Kirby hit the nail on the head ... I'm trying to look at this situation with as much logic, reason and experience as I can. It's just what I do. Hopeless optimism I suppose.

When it comes to gaming, like most if not all of us here - it's my hobby and my passion, and as an adult who has watched the industry begin, crash, revive and go through decades of dynamic evolution ... and UNLIKE some here I go out of my way avoid the negativity that so many gamers live their lives in - "this company sucks, this game sucks, this situation sucks, this company is so much better than that company, this game is so much better than that game, etc. etc. "

I just don't have any desire to be that guy. For me there's no point in being that guy. Being that guy takes years off of people's lives. I've seen it happen.

I'm a student of the industry and I immerse myself in a bit of everything that everybody has ever had to offer and I do my best to do so with no bias or preconceived notions. When something is good I revel in it. When it's not I ignore it and move on to something else, when I don't understand something I look to my friends in the community to edify me and whenever the opportunity presents itself I work to give that back to the community.

That's just me. It's who I am. I'm sorry that you don't know that about me.

As far as this specific situation is concerned, I've made it clear that I think it sucks. I'm not sure what else I need to do to make that clear.

It's a terrible fucking thing and both the gaming public and Sony are suffering through it ... and as much as some people may think that we have it worse than Sony, I'm sure that those who actually DO work for Sony are NOT loving their jobs and/or their lives right now and won't for the weeks and months that follow.

Where the news is concerned I'm just trying to sprinkle a bit of reason in-between all the hate-speak. Sorry if it bothers you.

I get that people are frustrated over the news as its been rolling out. But, like most news in this information age, I feel that it's filtering through unofficial channels, blogs and message boards, being laced with here say, bias and unverified information that people are running with and allowing to snowball. Some (or most) people are losing sight (or completely failing to observe in the first place) of the fact that an individual or individuals are responsible for a criminal act of intrusion and potential theft of our personal, sensitive data.

I'm not in the camp that thinks that Sony or any company consisting of people who work day in and day out to make systems and games that make up the foundation of this great hobby/entertainment medium "deserves" this for how "evil" they've allegedly been to their consumer-base and no amount of anti-gaming-establishment-rhetoric is going to make me feel any different.

I blame the hacker/hackers for this and I only blame the hackers for this.

If you think Sony "deserved" to be hacked for removing things like PS2 backwards compatibility or Linux from PS3s, that's your prerogative.

Me? I think that those losses suck for PS3 owners for sure, but I fail to see how illegally hacking a network and compromising user data in any way helps the PS3 community/enthusiasts that are affected by those losses enough to have a public opinion about it and I'll never endorse those actions.

But I digress...

No.

No stock in Sony.

http://ca.kotaku.com/5796902/there-are-22-million-psn-members-credit-card-details-up-for-sale

And now the stolen credit card rumors begin.

I'm going to call bullshit on this one though, since Sony doesn't collect the security codes, while the people selling say they have them.

Snippity Doo Dah.

So today an email account that I've kept scrupulously free of spam for eleven years received a spam missive offering to increase my dick size... From THAT SAME EMAIL ACCOUNT. This is the same email address associated with my PSN account. My boss also received the same offer from my MSN messenger account, which is tied to that same email address. So that was a fun conversation.

Do I have empirical evidence that this Sony bullshit is directly responsible? Nope! But the coincidence is enough to make me mad all over again.

Here's the thing, Frankie: Sony fucked up. Yes, the hackers are the scumbags ultimately responsible for my inconvenience, but I can't bitch about them except in the abstract because they're some nebulous unknown thing. Sony, the company who indirectly gave them access to all my shit, is totally a known quantity though. When I, the customer, trusted them with my personal data, there was an understanding that my boss wouldn't receive offers to increase his no doubt already impressive penile girth if I gave them my info. This wouldn't happen because they had a team of crack software engineers and security experts who's JOB IT IS TO ENSURE THAT DOESN'T HAPPEN.

Last year, a part we engineered and manufactured for (big furniture manufacturer) was discovered to have a poorly engineered clip that didn't hold as much weight as the specifications demanded. It was only a certain revision number that had the problem, but we'd shipped quite a few of them. So what we did was, we called (big furniture manufacturer), told them what had happened, and got down to business. Everyone in the plant worked twelve hours a day seven days a week for three weeks to get replacement parts out there (except the numbskull who engineered the bad part in the first place, who was fired). Did anyone who had purchased a unit and had it fail on them feel bad for us working so much? Nope! Because we screwed up! And they were inconvenienced by it! And they didn't know the name of the moron who designed the faulty part: they only knew that our logo was on it! And that's human nature!

I understand that you're trying to see it from their perspective and that you're admirably remaining optimistic, and I think you're a great guy, but you'll forgive me if I fail to feel much more than frustration and anger with Sony at the moment. I am, after all, the guy who had to explain to his boss that I had no opinion about his dick or its size today. I'm sure the engineers at Sony are working hard to correct their oversight, and I hope they nail the guy(s) who hacked their system, but the fact remains that I had to change a bunch of passwords today, and will probably end up canceling a credit card just to be safe, and that fucking sucks.

Here's the thing, Frankie: Sony fucked up. Yes, the hackers are the scumbags ultimately responsible for my inconvenience, but I can't bitch about them except in the abstract because they're some nebulous unknown thing. Sony, the company who indirectly gave them access to all my shit, is totally a known quantity though. When I, the customer, trusted them with my personal data, there was an understanding that my boss wouldn't receive offers to increase his no doubt already impressive penile girth if I gave them my info. This wouldn't happen because they had a team of crack software engineers and security experts who's JOB IT IS TO ENSURE THAT DOESN'T HAPPEN.

Don't get me wrong, I don't think that your frustration is undeserved, and again, I'm right there suffering along with everybody else regarding unsecured data.

And while I understand your analogy, and I appreciate that you understand my position, we in this community, even though it's not purely a hacker-centric community, know that no existing form of electronic security is ultimately infallible where hackers are concerned. If the government went after George Hotz independent of Sony I'm sure we would have seen the Pentagon the FBI and the CIA mainframes successfully hacked by Anon ... and of course in that case I doubt that we would ever know as many details as we do now.

I just can't escape the feeling that it doesn't make sense to blame a company for not having sufficient security where people who make it a point to circumvent security measures would have gone after any security measures present with a focused, deliberate effort simply to prove that they could and cause anarchic damage to the system.

Yes, it's Sony's job to ensure that things like this don't happen, but it's both tough for those in their position AND easy for those of us who were victimized via the compromise to take blame/lay blame respectively for not perceiving a flaw in a security system until it's one that's been exposed.

Like your furniture clip is concerned, yes, some of us choose to view the company as a whole and point fingers and vent frustration when something like this happens. And also similar to your furniture scenario, there are likely hundreds who work for Sony that are in no way directly responsible for the security flaw that are pulling 18 hour days to rectify this. But unlike your furniture clip business, there wasn't somebody on the outside of your company sneaking in and sabotaging those clips based on some childish vendetta. That's where my frustration reaches a boiling point - even if I'm not personally, one can justifiably be frustrated with Sony for the security flaw, no argument there - but to vilify them on the same level as the hackers is downright silly IMO.

If hypothetically it wasn't the decision of somebody within your company to select an inferior clip ... if the correct clip was selected, but a rival furniture company snuck in to your company and sabotaged a shipment with faulty clips ... while the outcome of your company having to get down to business and rectify the matter would have been the same, wouldn't you as an employee feel differently if the public largely or in some cases completely ignored the actions of the saboteur in laying blame?

There is NO reported evidence of GROSS NEGLIGENCE where this compromised data is concerned, for all intents and purposes it was secure prior to this event. Unlike other notable instances of "compromised data" It wasn't on a DVDR left out on somebody's desk, it wasn't stored in a server building with no locks on the doors, it wasn't printed on a stack of dot matrix printer paper and thrown out in the company dumpster.

But, yeah. This is a very very complicated issue that's not going to see any resolution via us talking about it, I know that my position is a very unpopular one, and while I have no problem sharing my opinion on the matter, I know that I'm not going to win anybody over who feels any differently and that I will likely have to resign myself from discussing it prior to any real resolution that actually happens in the real world.

Just know that I DO feel the part of the victim just like everybody else that's affected and I'm sure that I'm equally frustrated as many here.

I just DON'T for reasons explained above, personally feel comfortable pointing a finger of blame at anybody who isn't directly responsible for a criminal act in this case.

I work in security... There is much liability that goes with that. Sony has blame in negligence. Data has value, financial data has among the highest value. So, Sony decided to keep all that data open and free without security, but they certainly lock down their content however they can. So it's not like they were not aware of the risk. I sincerely hope they loose their asses in legal fees and settlements and Jack Trenton winds up living in a 32" Wega box. They called it down on themselves. Idiots.

I work in security... There is much liability that goes with that. Sony has blame in negligence. Data has value, financial data has among the highest value. So, Sony decided to keep all that data open and free without security, but they certainly lock down their content however they can. So it's not like they were not aware of the risk. I sincerely hope they loose their asses in legal fees and settlements and Jack Trenton winds up living in a 32" Wega box. They called it down on themselves. Idiots.

Can you point us to some type of official reference (that isn't a hacker blog BBS or a chat log extolling that allegation) that details that Sony's severs are/were maintained "open and free without security"?

That concept seems absolutely and completely absurd. (Not to mention contrary to the public statement post investigation that all credit card data was maintained in an encrypted state and determined to have not been compromised.)

If it is true I'd love to see proof.

Certainly a chance to alter my opinion on this matter!

I guess some of the people who initially called the hackers "heroes" for "sticking it" to a big, evil corporation by hacking them will now be changing their tunes when their next month's credit card statement shows orders for $600 suitcases, XXX videos and airline tickets to countries they've never even heard of.

But has that officially happened? Last I read, there were no suspicious activities that were PSN/Sony related with mayor credit card companies.

If it is true I'd love to see proof.

If it is true, yes. I'm taking it at face value at this point, if it turns up jack, then fine. I by no means regard the parties that intruded into their system as innocent or heroic (they violated Sony property and if the CC# theft part is true, also stole or can potentially steal from their customers). They are liable for their actions, just as Sony could be liable for any lack of reasonable action or diligence. They were compromised and people have good reason to be concerned about their possible exposure. There needs to be loss in order to be owed damages.

On the PSN account information you can remove your credit card information. At this time it doesn't help people because the PSN is down, but say you add your card to purchase something on the PSN, then afterwards you remove the card. Would they be able to pull up credit card numbers of past transactions or just the credit cards that are on file, if they did happen to pull the cards.

If it is true, yes. I'm taking it at face value at this point, if it turns up jack, then fine. I by no means regard the parties that intruded into their system as innocent or heroic (they violated Sony property and if the CC# theft part is true, also stole or can potentially steal from their customers). They are liable for their actions, just as Sony could be liable for any lack of reasonable action or diligence. They were compromised and people have good reason to be concerned about their possible exposure. There needs to be loss in order to be owed damages.

I'll be interested to see how it all plays out, and I completely agree with that assessment of things.

If there are any demonstrable losses by any party where this is concerned Sony should do what is needed to rectify those losses.