Sony: “We Let Hackers Have All Your Personal Data”
- Categories: Games, News
- Date: Apr 27, 2011 07:03 JST
- Tags: Announcements, Bugs, Crime, Fraud, Hacking, Internet, Sony, Technology
Sony has admitted that as a result of the hack which prompted it to take the PSN offline, hackers have stolen the personal data of all of its users, including their name and address, date of birth, passwords and security questions, purchase history and possibly credit card info.
In its latest official announcement, Sony claims it will have services restored within a week of when service will resume, but does provide extensive details about just how badly it has been compromised:
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided:
Name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID.
It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained.
If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained.
While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility.
If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information.
Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.
When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password.
Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.
[Sony also provides details on how US residents can make it more difficult for criminals to fraudulently make credit cards in their name now hackers have all their personal info]
As most people tend to utilise the same passwords and password prompts on multiple sites, even with no personal or credit card data leaked, a great many users are likely to be placed at considerable risk.
The most recent rumour regarding the actual cause of the outage suggests that the latest cracked firmware allowed users of hacked PS3s to download any and all paid PSN content and DLC for free using fake credit card numbers, prompting Sony to pull the entire service.
Sony has so far been silent regarding such theories, but the admission that so much personal data has been compromised suggests Sony’s security lapse has been on a catastrophic scale and that the consequences may be far-reaching – not least when everyone starts suing Sony.
Meanwhile, Microsoft is apparently experiencing an Xbox Live outage of its own – because so many people are creating new accounts with them, their servers are experiencing some difficulties.
| 
Dead or Alive Ero-SFM Doubly Dirty
Flying Witch “Cute But Boring…”
Phantasy Star Online 2 Phantastic: “What About the West!?”
Shounen Maid “A Fujoshi Delight”
Terra Formars Live Action Web Drama Announced
Dragon Quest Heroes II Quite Monstrous
KumaMiko Lovingly Innocent
Aqua Onahole Parody Hopefully Moist
A-Size Classmate Profusely Petite
One Day With Maria Raunchy & Romantic
The Reject Demon: Toko Chapter 0 Raises Its Voice
Hai-Furi in Troubled Waters
Star Fox Zero “Pandering To Kids!”
Kiznaiver Shares Its Pain
Love Live’s Koi ni Naritai Aquarium PV “Will Sell Thousands!”
Skimpy Kataigou Figure
Ellen Baker’s Illustrator: “Keep It Clean!”
Bullet Girls 2 Goes At It From All Angles
Sword Art Online: Hollow Realization A Real Grind
Koutetsujou no Kabaneri Immensely Gruesome
Goddess of 2ch “Another Bathing Beauty!”
Tantalizing Hestia Cosplay Busts Out
Kashiwazaki Sena Cosplay Pure & Innocent
Minami Kotori Casino Girl Cosplay Takes No Chances
Shimakaze Cosplay by Ema Sakura
Harley Quinn Cosplay by Miyuko Colorfully Crazy
Sonico Ero-Cosplay by Yuka Hoshikage Super Sexy
Kasugano Sora Bunny Girl Cosplay Absolutely Admirable
Goddess of 2ch: “Barely Legal Beauty!”
Highly Yuri Tenryuu & Tatsuta Cosplay by Garo & Usagi
Alright Sony-Fanboys, let's see you defend them now.
So when a woman gets raped, you blame the woman for dressing slutty and not fighting back hard enough, I guess?
Wouldn't that be implying that psn isn't secure since your comparing it to a women that doesn't fight back.
Reading comprehension fail?
"not fighting back hard enough" != "doesn't fight back"
a women that doesn't figth back?!
But how is babby formed?
who fights back for every second of her life (I'm sure this wasn't the first hack attempt) but once people take advantage of her
It's more like Sony is bringing his woman to a party which is ‘going to be a blast, you'll love it, honest’.
When a woman gets raped, she is the only one that gets fucked (pun) but when a network service like the PSN gets hacked, its OUR data that gets stolen, not Sony's.
All your base are belong to us.
Sony's not the woman. It's the rapist's dick.
Wow, the fact that you compare this to a woman being raped is pretty disgusting.
That not withstanding, waiting SEVEN FUCKING DAYS to let their users know that their personal information has been violated is completely unacceptable and Sony could be subject to investigations and possible penalty by the SEC and EU.
It sounds like maybe service should -not- resume. <.<
When she gets raped I blame myself for not controlling the urge to resist. :(
I'm not a MS fan myself, but I wouldn't like to see this happen to then.
I never knew sony haters could be so childish..........oh wait, yeah I did. Seriously, grow up...
i dont think it's those people...maybe more along the lines of sony players who all of a sudden thought of an idea that if what he infomation he gave to sony is what others gave and decided to hack into it to do other illegal stuff, like id frauds, credit accounts, or blackmailing...
Plenty of Pro Sony articles on this sight, you just need to read them.
Evil hackers are evil.
Aye they are but i guess its proof of yet another sony security failure :(
Its great fodder for the sony haters and if i didn't know i had expired card details stored i would be a bit annoyed.
I would be more than a bit annoyed. This isn't some random website run in someone's basement. The only saving grace is that you don't pay for it. If this had happened to Microsoft, heads would roll.
Ha!This is perfect!Xbox Live is clearly better and this just proves that PSN is shit!Xbox360-better community,no lag and better overall system,there just isn't a flaw in it.PSN-terribly infested with noobs and shit network,it's free which is cool,I guess,but so is AOL.
Yeah because jumping in to bed with microsoft is better, ever read an EULA from microsoft, you pretty much sell them your soul ;)
Yeah, and when your credit card info gets stolen off of XBox Live, they say "Eh, you can't prove it happened through us. You insist it did? Sue us. See how far you get."
Funny that certain buttkissers on this site are so blind with acquired Sony hatred, that they'll actually call them the evil corporation and stick up for -Microsoft- of all companies.
"there just isn't a flaw in it" lol you sir, have made my day.
Everything have flaws (except flawless stones in diablo 2, cause they are called flawLESS) epecially somethings that comes from microsoft
Actually, if you go read the rest of the "rumour" about the hack you may find that the group responsible WARNED Sony about the massive security hole.
Sony, in their infinite wisdom, decided to ignore the warning and do absolutely nothing about the hole.
Sony opted to leave user info at risk AFTER BEING WARNED so the hacker group opted to bitch slap Sony.
Sending someone a note that says "I'm going to stab you and rob you, you better get better security" does not make you a hero when you actually stab and rob them. It just makes you a psychopath.
Next time try making at least a semi-valid analogy.
A better one would be: "Hey, I noticed that the lock on your side door is broken. You should probably see about fixing that before someone robs you."
Then when the lock is STILL broken a couple months later someone robs them blind.
I never said the hackers were "heroes," but Sony deserves at least some blame for not patching such a massive security hole after being made aware of it.
just what exactly is this 'massive security hole'? password sent in plain text but secured by SSL?
OH HOLY GOD AMAZON MUST BE COMPROMISED
seriously its a rumour, it might not be true. Stop mixing fact with myths.
If it is on the official playstation blog how is it a rumor?
http://psx-scene.com/forums/f6/call-privacy-modern-spyware-playstation-network-81141/
http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/comment-page-8/#commentform
Go brush up.
http://psx-scene.com/forums/f6/call-privacy-modern-spyware-playstation-network-81141/
it is said here that hacker would under no circumstances be able to intercept credit card details from PS3 if no malicious proxy server and special CFW (which points to the aforementioned proxy server) is used.
as long as a PSN user with CC has a OFW (which he probably has - why does anyone need a CC with a CFW?), he has nothing to worry about. The mighty SSL protects.
"The mighty SSL protects."
You've gotta be...
Look, SSL can easily be spoofed with fake certificates. If the data isn't also encrypted, then the secure connection can be compromised and the transmitted data can easily be read. In Sony's case, everyone's data was transmitted in plain text. Why did no one at Sony speak up and say that encrypting the data would be a better idea? Did they honestly think that SSL by itself was enough? If the data was encrypted, then the hackers would only have garbage data.
Both sony, and the hackers can eat a dick.
U can eat a ...... ah fuck it.
Crackers...not hackers, there is a difference.
Give it up, man. It's like trying to teach people the real meaning of the words "irony" and "tragedy"...it's too late to save the English language.
Something tells me that this even happened in the first place as a result of them removing ""something else"" as a result of pirating...
Hope they have it up within the week & there isn't like another delay...
holy crap, finally someone besides me that knows the truth!
the Hacker is either Bill Gates or Xbox fan boy.
Wow maybe he create a Windows in PSN so the Hackers can get in and steal all the data?
Sucks to be Sony about now...
OH, but it was funny when you were a big shot cheering on places like 4chan and saying how cool it was to "fuck the man" and be a Hacker.....till you personally GOT Affected.
Hacker - Extreme Radical - Mercinary - Terrorist
Be it Hatred, God/Gov, or Info Control Haters there are always DOPES that think it's 'Cool' to cheer on Destruction of "Order" until you are a Victim.
Think about this next time you Cheer On the demise of someone you don't like.
Stupid and obvious response.
Qriocity is not available in my country
imokwiththis.jpeg
......it's not just Qriocity that was targeted.
Muhahahahahahahahahahahahahahahahaha <- nothing more to say
Im glad i have my red ring of not hacked XBox 360
xbox has been hack as well before
But they never got any user data.
Yeah, they do, Microsoft just doesn't admit it.
Ever.
prove it