Sony: “We Let Hackers Have All Your Personal Data”
- Categories: Games, News
- Date: Apr 27, 2011 07:03 JST
- Tags: Announcements, Bugs, Crime, Fraud, Hacking, Internet, Sony, Technology
Sony has admitted that as a result of the hack which prompted it to take the PSN offline, hackers have stolen the personal data of all of its users, including their name and address, date of birth, passwords and security questions, purchase history and possibly credit card info.
In its latest official announcement, Sony claims it will have services restored within a week of when service will resume, but does provide extensive details about just how badly it has been compromised:
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided:
Name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID.
It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained.
If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained.
While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility.
If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information.
Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.
When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password.
Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.
[Sony also provides details on how US residents can make it more difficult for criminals to fraudulently make credit cards in their name now hackers have all their personal info]
As most people tend to utilise the same passwords and password prompts on multiple sites, even with no personal or credit card data leaked, a great many users are likely to be placed at considerable risk.
The most recent rumour regarding the actual cause of the outage suggests that the latest cracked firmware allowed users of hacked PS3s to download any and all paid PSN content and DLC for free using fake credit card numbers, prompting Sony to pull the entire service.
Sony has so far been silent regarding such theories, but the admission that so much personal data has been compromised suggests Sony’s security lapse has been on a catastrophic scale and that the consequences may be far-reaching – not least when everyone starts suing Sony.
Meanwhile, Microsoft is apparently experiencing an Xbox Live outage of its own – because so many people are creating new accounts with them, their servers are experiencing some difficulties.
Top 10 Best Anime Girls of 2015
Hai to Gensou no Grimgar “Has Oppai!”
Picking Up Japan Express Vol. 36 Worth a Pickup
Dimension W Out Of This World
Odin Sphere: Leifthrasir PV Certainly Nostalgic
One-Punch Man Soundtrack PV Packs A Wallop
XmasTrickStar “A White Christmas Indeed…”
Wo-Class Carrier Ero-MMD In Dire Straights
Voice Translation Tool Promotional Video “Inexcusable!”
Luck & Logic Far From Lucky
Yandere Simulator Possibly Headed to Kickstarter
Top 20 Recent Anime Most In Need Of A Sequel
Hyrule Warriors Legends PV Clashes Interminably
Akagami no Shirayukihime English Dub Surfaces
Koukaku no Pandora Really Opens That Box
Gate Season 2 Darker Than Ever
Super Sweet Sonico Bikini Figure
Top 10 Naughtiest Late Night Anime
Shoujo-tachi Mezasu Seemingly Innocent
Final Fantasy XIV Lord of Verminion Trailer Highly Adorable
Delectable Dizzy Cosplay by Lechat
Dark Elf Cosplay by Non Very Dark Indeed
Titillating Tamako Cosplay Perfectly Pink
Goddess of 2ch: “Full of Lust & Urges (& Also Videos)!”
Raunchy Reisen Inaba Cosplay by Tsuyato
Haruhi Bunny Girl Cosplay Rocks Out
Youmu Ero-Cosplay by Madoka Adachi Deadly Sexy
Comiket 89 Cosplay Sickeningly Sweet
Comiket 89 Cosplay A Guilty Pleasure
Comiket 89 Cosplay Ceaselessly Sexy
As a Sony Fan-boy ... I am speechless. -_______- My card info is not expired. I wonder if I should be worried....
Just to be safe, I called my credit card company. Upon mentioning "Sony Playstation Network", she immediately said the bank would cancel my card and mail me a new card with a new number. The representative seemed familiar with the Playstation Network situation, so I doubt I was the first to call them about it.
Cool. Good to see a bank that is up to date on the situation.
Call your bank if you suspect fraud, they cancel immediately and send you papers to sign. You pay nothing. Ever major bank has been doing this for years.
If you are worried about your credit card and didn't know this before you should learn how your fucking card works before you get one. Its pathetic how twats are worrying 'omg I called my bank just in case', really? You didn't pay attention when you applied for it in the first place?
Banks aren't 'up to date on the current situation', they don't give a fuck about psn. If you get frauded too much your credit rating gets killed. Otherwise theyll feed you money forever.
I swear people are stupid as hell
PS: PSN EULA states your info can be compromised and when it is they aren't liable. Try reading that once in a while
<..> ppl should just use a prepaid credit card if they don't want stuff like this to happen, buy a $25 visa or mastercard, u can use it to register for anything and it'll work. (+ u can basically use it on any website that's "insecure" since who cares about just $25)
My credit card expired just some time ago luckily... But damn, that's some screw up.
Good to see real quick service. That stuff gets foreign every second.
same here, wtf is sony doing =_=
the worst thing is the backdoor was known since 31st of march and Sony didn't do anything to close it for 3 weeks till this happened...
The backdoor didn't give people access to the credit card details of others.
It allowed you to connect to the dev survers and add funds to your balance.
If you're paranoid you can cancel it and get a new one pretty easily.
Course you can always just check your statement and dispute anything that's suspicious also...
:/
Well, at least the network is free...
Wow! I won't lie I've always somewhat supported hacks cause games in the Philippines (I know I hate this place too, I'd list it down but that would take all the bandwidth from SanCom ) are just plain unavailable (because of Gay loli banning faggots) but this is just wrong causing so much trouble just to prove they could hack Sony
Wonder what they'll get out of this since I myself(honestly) cannot find anything worthwhile in stealing someones info like password cause I feel lost in my pride if I have to depend on someones hard work(anime and manga aside) to get the advantage on other people
@Entropy13
Sorry for that. Comment for the PSN was on my previous post just ticks me off that people can still get fooled by these things even to go as far as rejecting it(still hate the hackers for this though)
at least you not one of the fools who decides to reply immediately without reading the whole post your a good man(I'll give you that)
Sorry for the long post again
Well. fuck you asshole.
Tangina mo!
@Diemeow23: tl;dr
I don't see the point of that very long comment. No mention whatsoever, not even remotely related, to the Playstation Network.
Kung magrereklamo ka, wag dito.
Wall of text nobody cares about.
Aww so you watch Mutya every night too aww. You seem to be missing the point that the government keeps forcing ABS-CBN and GMA to keep showing crap all the time. That's why HERO can only get so much material cause "It's bad for you" and even then they censor the crap out of it (did ya see the Philippine version of Darker than Black the way they edited the second OP awww too bad) or the funny transitions that happened with the showing of Maburaho when the Pink headed girl met her clone the both had a little bit of their cloths torn off not only that even the first season of Zero no Tsukaima (aww ya you really got me started) Anime spawned from the concept of free speech but when you censor the work it insults every single person that put their effort into doing that work. I understand Japan for censoring some if it's stuff because those things are near 18+ limit not Philippine Channels where Aya Natsume had a constant mesh of pixels on her cleavage HER Cleavage for heavens sake I feel more insulted than the studio. All movies have recently been all Romance and Comedy and a little bit of Horror but that's it(and if you think that I support child porn just because I said "loli banning faggots" than I'm surprised you had enough brain cells to find this site. All Talented artist and almost every single Filipino wants to leave the country cause it's soooo damn corrupt I'd even go as far as to say that to be Filipino you have to be corrupt cause a government is a reflection of it's people(aww and don't even go on saying that what about Japan and Ishihara his Corrupt that doesn't mean that all Japan is Corrupt, You'd missing the scale of proportion of how many are corrupt in the system in the Philippines)
You ask me why cause I'm the son of a Former Government official who could not win cause all most of the voters kept asking for money and everyone I asked when I went to vote says "ooh that's bad but it can't be helped so everyone agrees into vote buying)
In my life actually seen people going so low that some are actually selling drugs in our BRGY but how would you know if ya think it only happens in my region then think again. It's no surprise that a Naive Internet Worm/Anon like you wouldn't know since you can still go on swearing to me like that.
OOHH and the news of my God the news every night!! If anything is ever serious that happens over seas all they report about is "no Filipinos were hurt or the Filipinos are coming home now, or ohh the Royal wedding did ya know a Filipinos quire(don't know the spelling) are about to sing there Everything and every program is layered with a pafethic slime of propaganda to keep the people's hopes up while officials suck their pockets dry. Half of the news isn't even news(ohh nooo a new contoversy will couple A be created or will there be another STUPID love triangle only published so the actors(and there crappy acting and stupid bright lights on dramas cause everyone has to see them even if it's PITCH BLAAAAAAAAAAAAAAAAACK)can get more publicity. These people put more effort into the lives of celebrities than killings that happen because of politics you why cause (layhat Seyla ey Beyeran layng) almost all people you'll meet outside will succumb to anything for a Price. This people don't even have anything else better to do even going as far as making issues about our President's love life! his freaking love life people have no shame you see Bush or Obama being paired up with women they meet and Pres. Pnoy already complained about issues like this but ooh no the Filipino people have nothing else to sink their teeth too so we'll just keep on stalking you.
Aww YEAH ASK your pathetic self can even half of the anime you watch(assuming your not a Narutard or only watch Bleach or One Piece)can all of these title even be shown in the country. Let a Pilipino police officer stand beside and enter this site or read a manga with even a fairly questionable picture will he let you enter here or read the said manga or automatically say "Naked Animoos CHILD PORN!!" ooh right may be out of the few good police you might know that actually do their job, tens of thousand wouldn't even bother cause it's too much of a hassle even though it's already stated in philippine law and mindset(with only a few hundred as an exception and even then most of out your friends would scream if they saw To Love Ru) that anime is just child porn. No! people like us actually have to close the window or make sure no ones home or else we'd get hated if we ever got caught even just watching tou generic harem anime that has to yet be "approved" by our Crappy MTRCB
I'm sorry I won't even get to say at least 5% of what's actually happening in my country but even my sanity has it's limits.
So please next time try to keep better view of what's actually happening around you rather than spend 3 or 4 hours a day managing your account of facebook okay
I'm not saying that the Philippines is all bad but if you don't believe me then try not relying on the internet for anime and just stick to Philippine television for even just a few months you'll understand me then until that happens don't replying unless it's actually worth while
The only things I've had to thank for was the airing of Evangelion(cause this started it all for me no matter how traumatizing it was) and the excellent dubbing for Seto no Hanayome(true talent was discovered then and there)
its free and they cant use your credit card with just the info they stole, so stop complaining and apreciate the free service!
That's why I ALWAYS use an Alias!! and use those 'Pre-Paid' Sony gift cards to buy shit on the Network!
I am effectted "ZERO" - so I change my password - big deal. SONY will give me FREE shit!
If you used the same password for your email, they have you and perhaps whichever other service you used the email to register.
If you used the same security questions and answers all the time, they can retrieve your password from the other services you use.
They also have your address and other details like your date of birth, which can be used or sold elsewhere.
Personally, I simply never buy crap of Sony, it's such a much better way to stay clear of their rootkits, malware, and all the other shit they pull while they piss on their customers.
Evil hackers are evil.
Crackers...not hackers, there is a difference.
Give it up, man. It's like trying to teach people the real meaning of the words "irony" and "tragedy"...it's too late to save the English language.
Something tells me that this even happened in the first place as a result of them removing ""something else"" as a result of pirating...
Hope they have it up within the week & there isn't like another delay...
holy crap, finally someone besides me that knows the truth!
OH, but it was funny when you were a big shot cheering on places like 4chan and saying how cool it was to "fuck the man" and be a Hacker.....till you personally GOT Affected.
Hacker - Extreme Radical - Mercinary - Terrorist
Be it Hatred, God/Gov, or Info Control Haters there are always DOPES that think it's 'Cool' to cheer on Destruction of "Order" until you are a Victim.
Think about this next time you Cheer On the demise of someone you don't like.
Sucks to be Sony about now...
the Hacker is either Bill Gates or Xbox fan boy.
Wow maybe he create a Windows in PSN so the Hackers can get in and steal all the data?
Stupid and obvious response.
Aye they are but i guess its proof of yet another sony security failure :(
Its great fodder for the sony haters and if i didn't know i had expired card details stored i would be a bit annoyed.
I would be more than a bit annoyed. This isn't some random website run in someone's basement. The only saving grace is that you don't pay for it. If this had happened to Microsoft, heads would roll.
Yeah because jumping in to bed with microsoft is better, ever read an EULA from microsoft, you pretty much sell them your soul ;)
Yeah, and when your credit card info gets stolen off of XBox Live, they say "Eh, you can't prove it happened through us. You insist it did? Sue us. See how far you get."
Funny that certain buttkissers on this site are so blind with acquired Sony hatred, that they'll actually call them the evil corporation and stick up for -Microsoft- of all companies.
"there just isn't a flaw in it" lol you sir, have made my day.
Everything have flaws (except flawless stones in diablo 2, cause they are called flawLESS) epecially somethings that comes from microsoft
Ha!This is perfect!Xbox Live is clearly better and this just proves that PSN is shit!Xbox360-better community,no lag and better overall system,there just isn't a flaw in it.PSN-terribly infested with noobs and shit network,it's free which is cool,I guess,but so is AOL.
Actually, if you go read the rest of the "rumour" about the hack you may find that the group responsible WARNED Sony about the massive security hole.
Sony, in their infinite wisdom, decided to ignore the warning and do absolutely nothing about the hole.
Sony opted to leave user info at risk AFTER BEING WARNED so the hacker group opted to bitch slap Sony.
Sending someone a note that says "I'm going to stab you and rob you, you better get better security" does not make you a hero when you actually stab and rob them. It just makes you a psychopath.
just what exactly is this 'massive security hole'? password sent in plain text but secured by SSL?
OH HOLY GOD AMAZON MUST BE COMPROMISED
Next time try making at least a semi-valid analogy.
A better one would be: "Hey, I noticed that the lock on your side door is broken. You should probably see about fixing that before someone robs you."
Then when the lock is STILL broken a couple months later someone robs them blind.
I never said the hackers were "heroes," but Sony deserves at least some blame for not patching such a massive security hole after being made aware of it.
seriously its a rumour, it might not be true. Stop mixing fact with myths.
If it is on the official playstation blog how is it a rumor?
http://psx-scene.com/forums/f6/call-privacy-modern-spyware-playstation-network-81141/
http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/comment-page-8/#commentform
Go brush up.
"The mighty SSL protects."
You've gotta be...
Look, SSL can easily be spoofed with fake certificates. If the data isn't also encrypted, then the secure connection can be compromised and the transmitted data can easily be read. In Sony's case, everyone's data was transmitted in plain text. Why did no one at Sony speak up and say that encrypting the data would be a better idea? Did they honestly think that SSL by itself was enough? If the data was encrypted, then the hackers would only have garbage data.
http://psx-scene.com/forums/f6/call-privacy-modern-spyware-playstation-network-81141/
it is said here that hacker would under no circumstances be able to intercept credit card details from PS3 if no malicious proxy server and special CFW (which points to the aforementioned proxy server) is used.
as long as a PSN user with CC has a OFW (which he probably has - why does anyone need a CC with a CFW?), he has nothing to worry about. The mighty SSL protects.
Both sony, and the hackers can eat a dick.
U can eat a ...... ah fuck it.
This is the reason why I use PSN Cash card because I know hackers would get acess to ether way just to get a Credit card number.
the smart way of doing it :) i do the same, better safe than sorry
you mean better safe than sony
the smart way of doing it :) i do the same, better safe than sony
fixed it for you
If only the prepaid cards were readily available in most countries :/