Sony: “We Let Hackers Have All Your Personal Data”

sony-psn-logo.jpg

Sony has admitted that as a result of the hack which prompted it to take the PSN offline, hackers have stolen the personal data of all of its users, including their name and address, date of birth, passwords and security questions, purchase history and possibly credit card info.

In its latest official announcement, Sony claims it will have services restored within a week of when service will resume, but does provide extensive details about just how badly it has been compromised:

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided:

Name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID.

It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained.

If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained.

While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility.

If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information.

Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.

When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password.

Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

[Sony also provides details on how US residents can make it more difficult for criminals to fraudulently make credit cards in their name now hackers have all their personal info]

As most people tend to utilise the same passwords and password prompts on multiple sites, even with no personal or credit card data leaked, a great many users are likely to be placed at considerable risk.

The most recent rumour regarding the actual cause of the outage suggests that the latest cracked firmware allowed users of hacked PS3s to download any and all paid PSN content and DLC for free using fake credit card numbers, prompting Sony to pull the entire service.

Sony has so far been silent regarding such theories, but the admission that so much personal data has been compromised suggests Sony’s security lapse has been on a catastrophic scale and that the consequences may be far-reaching – not least when everyone starts suing Sony.

Meanwhile, Microsoft is apparently experiencing an Xbox Live outage of its own – because so many people are creating new accounts with them, their servers are experiencing some difficulties.


    Post Comment »
    225 Comments
    Sort by: Date | Score
    Avatar of Sanostrife
    Comment by Sanostrife
    07:20 27/04/2011 # ! Quality (+1.0)

    As a Sony Fan-boy ... I am speechless. -_______- My card info is not expired. I wonder if I should be worried....

    Comment by Anonymous
    08:08 27/04/2011 # ! Good (+0.8)

    Just to be safe, I called my credit card company. Upon mentioning "Sony Playstation Network", she immediately said the bank would cancel my card and mail me a new card with a new number. The representative seemed familiar with the Playstation Network situation, so I doubt I was the first to call them about it.

    Avatar of MasterX25
    Comment by MasterX25
    10:34 27/04/2011 # ! Neutral (+0.2)

    Cool. Good to see a bank that is up to date on the situation.

    Comment by Anonymous
    20:52 27/04/2011 # ! Neutral (+0.2)

    Call your bank if you suspect fraud, they cancel immediately and send you papers to sign. You pay nothing. Ever major bank has been doing this for years.

    If you are worried about your credit card and didn't know this before you should learn how your fucking card works before you get one. Its pathetic how twats are worrying 'omg I called my bank just in case', really? You didn't pay attention when you applied for it in the first place?

    Banks aren't 'up to date on the current situation', they don't give a fuck about psn. If you get frauded too much your credit rating gets killed. Otherwise theyll feed you money forever.

    I swear people are stupid as hell
    PS: PSN EULA states your info can be compromised and when it is they aren't liable. Try reading that once in a while

    Comment by Anonymous
    22:16 27/04/2011 # ! Neutral (0)

    <..> ppl should just use a prepaid credit card if they don't want stuff like this to happen, buy a $25 visa or mastercard, u can use it to register for anything and it'll work. (+ u can basically use it on any website that's "insecure" since who cares about just $25)

    Comment by Anonymous
    15:37 27/04/2011 # ! Neutral (0)

    My credit card expired just some time ago luckily... But damn, that's some screw up.

    Avatar of TNinja
    Comment by TNinja
    10:59 27/04/2011 # ! Neutral (0)

    Good to see real quick service. That stuff gets foreign every second.

    Avatar of aki
    Comment by aki
    16:19 27/04/2011 # ! Neutral (+0.2)

    same here, wtf is sony doing =_=

    Comment by Anonymous
    16:55 27/04/2011 # ! Neutral (0)

    the worst thing is the backdoor was known since 31st of march and Sony didn't do anything to close it for 3 weeks till this happened...

    Comment by Anonymous
    17:49 27/04/2011 # ! Neutral (0)

    The backdoor didn't give people access to the credit card details of others.

    It allowed you to connect to the dev survers and add funds to your balance.

    Avatar of cats2
    Comment by cats2
    21:09 27/04/2011 # ! Neutral (0)

    If you're paranoid you can cancel it and get a new one pretty easily.

    Course you can always just check your statement and dispute anything that's suspicious also...

    :/

    Avatar of Lunatique
    Comment by Lunatique
    07:10 27/04/2011 # ! Good (+0.7)

    Well, at least the network is free...

    Avatar of Diemeow23
    Comment by Diemeow23
    10:19 27/04/2011 # ! Good (+0.4)

    Wow! I won't lie I've always somewhat supported hacks cause games in the Philippines (I know I hate this place too, I'd list it down but that would take all the bandwidth from SanCom ) are just plain unavailable (because of Gay loli banning faggots) but this is just wrong causing so much trouble just to prove they could hack Sony

    Wonder what they'll get out of this since I myself(honestly) cannot find anything worthwhile in stealing someones info like password cause I feel lost in my pride if I have to depend on someones hard work(anime and manga aside) to get the advantage on other people

    Avatar of Diemeow23
    Comment by Diemeow23
    13:19 27/04/2011 # ! Neutral (-0.2)

    @Entropy13

    Sorry for that. Comment for the PSN was on my previous post just ticks me off that people can still get fooled by these things even to go as far as rejecting it(still hate the hackers for this though)

    at least you not one of the fools who decides to reply immediately without reading the whole post your a good man(I'll give you that)

    Sorry for the long post again

    Comment by Anonymous

    Well. fuck you asshole.
    Tangina mo!

    Avatar of entropy13
    Comment by entropy13
    12:51 27/04/2011 # ! Neutral (0)

    @Diemeow23: tl;dr

    I don't see the point of that very long comment. No mention whatsoever, not even remotely related, to the Playstation Network.

    Kung magrereklamo ka, wag dito.

    Avatar of Rinfinite
    Comment by Rinfinite
    13:51 27/04/2011 # ! Neutral (0)

    Wall of text nobody cares about.

    Avatar of Diemeow23
    Comment by Diemeow23
    12:37 27/04/2011 # ! Neutral (-0.2)

    Aww so you watch Mutya every night too aww. You seem to be missing the point that the government keeps forcing ABS-CBN and GMA to keep showing crap all the time. That's why HERO can only get so much material cause "It's bad for you" and even then they censor the crap out of it (did ya see the Philippine version of Darker than Black the way they edited the second OP awww too bad) or the funny transitions that happened with the showing of Maburaho when the Pink headed girl met her clone the both had a little bit of their cloths torn off not only that even the first season of Zero no Tsukaima (aww ya you really got me started) Anime spawned from the concept of free speech but when you censor the work it insults every single person that put their effort into doing that work. I understand Japan for censoring some if it's stuff because those things are near 18+ limit not Philippine Channels where Aya Natsume had a constant mesh of pixels on her cleavage HER Cleavage for heavens sake I feel more insulted than the studio. All movies have recently been all Romance and Comedy and a little bit of Horror but that's it(and if you think that I support child porn just because I said "loli banning faggots" than I'm surprised you had enough brain cells to find this site. All Talented artist and almost every single Filipino wants to leave the country cause it's soooo damn corrupt I'd even go as far as to say that to be Filipino you have to be corrupt cause a government is a reflection of it's people(aww and don't even go on saying that what about Japan and Ishihara his Corrupt that doesn't mean that all Japan is Corrupt, You'd missing the scale of proportion of how many are corrupt in the system in the Philippines)

    You ask me why cause I'm the son of a Former Government official who could not win cause all most of the voters kept asking for money and everyone I asked when I went to vote says "ooh that's bad but it can't be helped so everyone agrees into vote buying)

    In my life actually seen people going so low that some are actually selling drugs in our BRGY but how would you know if ya think it only happens in my region then think again. It's no surprise that a Naive Internet Worm/Anon like you wouldn't know since you can still go on swearing to me like that.

    OOHH and the news of my God the news every night!! If anything is ever serious that happens over seas all they report about is "no Filipinos were hurt or the Filipinos are coming home now, or ohh the Royal wedding did ya know a Filipinos quire(don't know the spelling) are about to sing there Everything and every program is layered with a pafethic slime of propaganda to keep the people's hopes up while officials suck their pockets dry. Half of the news isn't even news(ohh nooo a new contoversy will couple A be created or will there be another STUPID love triangle only published so the actors(and there crappy acting and stupid bright lights on dramas cause everyone has to see them even if it's PITCH BLAAAAAAAAAAAAAAAAACK)can get more publicity. These people put more effort into the lives of celebrities than killings that happen because of politics you why cause (layhat Seyla ey Beyeran layng) almost all people you'll meet outside will succumb to anything for a Price. This people don't even have anything else better to do even going as far as making issues about our President's love life! his freaking love life people have no shame you see Bush or Obama being paired up with women they meet and Pres. Pnoy already complained about issues like this but ooh no the Filipino people have nothing else to sink their teeth too so we'll just keep on stalking you.

    Aww YEAH ASK your pathetic self can even half of the anime you watch(assuming your not a Narutard or only watch Bleach or One Piece)can all of these title even be shown in the country. Let a Pilipino police officer stand beside and enter this site or read a manga with even a fairly questionable picture will he let you enter here or read the said manga or automatically say "Naked Animoos CHILD PORN!!" ooh right may be out of the few good police you might know that actually do their job, tens of thousand wouldn't even bother cause it's too much of a hassle even though it's already stated in philippine law and mindset(with only a few hundred as an exception and even then most of out your friends would scream if they saw To Love Ru) that anime is just child porn. No! people like us actually have to close the window or make sure no ones home or else we'd get hated if we ever got caught even just watching tou generic harem anime that has to yet be "approved" by our Crappy MTRCB

    I'm sorry I won't even get to say at least 5% of what's actually happening in my country but even my sanity has it's limits.

    So please next time try to keep better view of what's actually happening around you rather than spend 3 or 4 hours a day managing your account of facebook okay

    I'm not saying that the Philippines is all bad but if you don't believe me then try not relying on the internet for anime and just stick to Philippine television for even just a few months you'll understand me then until that happens don't replying unless it's actually worth while

    The only things I've had to thank for was the airing of Evangelion(cause this started it all for me no matter how traumatizing it was) and the excellent dubbing for Seto no Hanayome(true talent was discovered then and there)

    Comment by Anonymous
    10:38 27/04/2011 # ! Neutral (0)

    its free and they cant use your credit card with just the info they stole, so stop complaining and apreciate the free service!

    Comment by Anonymous
    07:52 27/04/2011 # ! Neutral (0)

    That's why I ALWAYS use an Alias!! and use those 'Pre-Paid' Sony gift cards to buy shit on the Network!

    I am effectted "ZERO" - so I change my password - big deal. SONY will give me FREE shit!

    Comment by Anonymous
    12:14 27/04/2011 # ! Neutral (0)

    If you used the same password for your email, they have you and perhaps whichever other service you used the email to register.

    If you used the same security questions and answers all the time, they can retrieve your password from the other services you use.

    They also have your address and other details like your date of birth, which can be used or sold elsewhere.

    Comment by Anonymous

    Personally, I simply never buy crap of Sony, it's such a much better way to stay clear of their rootkits, malware, and all the other shit they pull while they piss on their customers.

    Avatar of AsakuraSan
    Comment by AsakuraSan
    07:07 27/04/2011 # ! Good (+0.7)

    Evil hackers are evil.

    Comment by Anonymous
    08:07 27/04/2011 # ! Good (+0.8)

    Crackers...not hackers, there is a difference.

    Comment by Anonymous
    08:35 27/04/2011 # ! Good (+0.6)

    Give it up, man. It's like trying to teach people the real meaning of the words "irony" and "tragedy"...it's too late to save the English language.

    Avatar of Kitsunemimi6
    Comment by Kitsunemimi6
    10:53 27/04/2011 # ! Neutral (0)

    Something tells me that this even happened in the first place as a result of them removing ""something else"" as a result of pirating...

    Hope they have it up within the week & there isn't like another delay...

    Comment by Anonymous
    10:52 27/04/2011 # ! Neutral (+0.2)

    holy crap, finally someone besides me that knows the truth!

    Comment by Anonymous
    11:22 27/04/2011 # ! Good (+0.6)

    OH, but it was funny when you were a big shot cheering on places like 4chan and saying how cool it was to "fuck the man" and be a Hacker.....till you personally GOT Affected.

    Hacker - Extreme Radical - Mercinary - Terrorist

    Be it Hatred, God/Gov, or Info Control Haters there are always DOPES that think it's 'Cool' to cheer on Destruction of "Order" until you are a Victim.

    Think about this next time you Cheer On the demise of someone you don't like.

    Comment by Anonymous
    08:18 27/04/2011 # ! Neutral (+0.4)

    Sucks to be Sony about now...

    Avatar of Kuro'Base'Neko
    Comment by Kuro'Base'Neko
    08:15 27/04/2011 # ! Neutral (+0.1)

    the Hacker is either Bill Gates or Xbox fan boy.

    Avatar of Ota-Kool
    Comment by Ota-Kool
    11:24 27/04/2011 # ! Neutral (0)

    Wow maybe he create a Windows in PSN so the Hackers can get in and steal all the data?

    Comment by Anonymous
    14:49 27/04/2011 # ! Neutral (0)

    Stupid and obvious response.

    Avatar of Cypherous
    Comment by Cypherous
    07:08 27/04/2011 # ! Neutral (0)

    Aye they are but i guess its proof of yet another sony security failure :(

    Its great fodder for the sony haters and if i didn't know i had expired card details stored i would be a bit annoyed.

    Comment by Anonymous
    08:04 27/04/2011 # ! Neutral (+0.4)

    I would be more than a bit annoyed. This isn't some random website run in someone's basement. The only saving grace is that you don't pay for it. If this had happened to Microsoft, heads would roll.

    Avatar of Cypherous
    Comment by Cypherous
    08:22 27/04/2011 # ! Good (+0.6)

    Yeah because jumping in to bed with microsoft is better, ever read an EULA from microsoft, you pretty much sell them your soul ;)

    Comment by Anonymous
    09:00 27/04/2011 # ! Neutral (+0.4)

    Yeah, and when your credit card info gets stolen off of XBox Live, they say "Eh, you can't prove it happened through us. You insist it did? Sue us. See how far you get."

    Funny that certain buttkissers on this site are so blind with acquired Sony hatred, that they'll actually call them the evil corporation and stick up for -Microsoft- of all companies.

    Comment by Anonymous
    12:07 27/04/2011 # ! Neutral (0)

    "there just isn't a flaw in it" lol you sir, have made my day.

    Everything have flaws (except flawless stones in diablo 2, cause they are called flawLESS) epecially somethings that comes from microsoft

    Comment by Anonymous
    08:20 27/04/2011 # ! Drivel (-0.8)

    Ha!This is perfect!Xbox Live is clearly better and this just proves that PSN is shit!Xbox360-better community,no lag and better overall system,there just isn't a flaw in it.PSN-terribly infested with noobs and shit network,it's free which is cool,I guess,but so is AOL.

    Avatar of kamyu
    Comment by kamyu

    Actually, if you go read the rest of the "rumour" about the hack you may find that the group responsible WARNED Sony about the massive security hole.

    Sony, in their infinite wisdom, decided to ignore the warning and do absolutely nothing about the hole.

    Sony opted to leave user info at risk AFTER BEING WARNED so the hacker group opted to bitch slap Sony.

    Comment by Anonymous
    09:01 27/04/2011 # ! Good (+0.6)

    Sending someone a note that says "I'm going to stab you and rob you, you better get better security" does not make you a hero when you actually stab and rob them. It just makes you a psychopath.

    Comment by Anonymous
    14:31 27/04/2011 # ! Neutral (0)

    just what exactly is this 'massive security hole'? password sent in plain text but secured by SSL?

    OH HOLY GOD AMAZON MUST BE COMPROMISED

    Avatar of kamyu
    Comment by kamyu
    09:14 27/04/2011 # ! Neutral (0)

    Next time try making at least a semi-valid analogy.
    A better one would be: "Hey, I noticed that the lock on your side door is broken. You should probably see about fixing that before someone robs you."
    Then when the lock is STILL broken a couple months later someone robs them blind.

    I never said the hackers were "heroes," but Sony deserves at least some blame for not patching such a massive security hole after being made aware of it.

    Comment by Anonymous
    11:34 27/04/2011 # ! Neutral (0)

    seriously its a rumour, it might not be true. Stop mixing fact with myths.

    Comment by Anonymous
    13:17 27/04/2011 # ! Neutral (+0.4)

    If it is on the official playstation blog how is it a rumor?

    http://psx-scene.com/forums/f6/call-privacy-modern-spyware-playstation-network-81141/

    http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/comment-page-8/#commentform

    Go brush up.

    Comment by Anonymous
    18:29 27/04/2011 # ! Neutral (0)

    "The mighty SSL protects."

    You've gotta be...

    Look, SSL can easily be spoofed with fake certificates. If the data isn't also encrypted, then the secure connection can be compromised and the transmitted data can easily be read. In Sony's case, everyone's data was transmitted in plain text. Why did no one at Sony speak up and say that encrypting the data would be a better idea? Did they honestly think that SSL by itself was enough? If the data was encrypted, then the hackers would only have garbage data.

    Comment by Anonymous
    14:29 27/04/2011 # ! Neutral (0)

    http://psx-scene.com/forums/f6/call-privacy-modern-spyware-playstation-network-81141/

    it is said here that hacker would under no circumstances be able to intercept credit card details from PS3 if no malicious proxy server and special CFW (which points to the aforementioned proxy server) is used.
    as long as a PSN user with CC has a OFW (which he probably has - why does anyone need a CC with a CFW?), he has nothing to worry about. The mighty SSL protects.

    Comment by Anonymous

    Both sony, and the hackers can eat a dick.

    Comment by Anonymous
    15:19 27/04/2011 # ! Neutral (0)

    U can eat a ...... ah fuck it.

    Avatar of Myballz
    Comment by Myballz
    07:23 27/04/2011 # ! Good (+0.6)

    This is the reason why I use PSN Cash card because I know hackers would get acess to ether way just to get a Credit card number.

    Avatar of seka
    Comment by seka
    14:43 27/04/2011 # ! Neutral (-0.2)

    the smart way of doing it :) i do the same, better safe than sorry

    Comment by Anonymous
    22:55 27/04/2011 # ! Neutral (+0.2)

    you mean better safe than sony

    Comment by Anonymous
    18:10 27/04/2011 # ! Neutral (+0.2)

    the smart way of doing it :) i do the same, better safe than sony

    fixed it for you

    Comment by Anonymous
    15:52 27/04/2011 # ! Neutral (0)

    If only the prepaid cards were readily available in most countries :/








    Post Comment »

Popular

Recent News

Recent Galleries

Recent Comments