PSN back online after data breach. You must change passwords [see post 1]
http://www.bbc.co.uk/news/technology-13169518
Quote:
EDIT (Matt D) I thought I'd add some links & a summary to the first post (sorry for editing your post, Kymmy :) ). THE GREAT PSN DATA BREACH The PlayStation Network (PSN) has suffered an "illegal and unauthorized intrusion", which has resulted in the personal information of all PSN account holders being compromised. Sony has shut the network down while it investigates the breach (including using an "outside, recognized security firm") and attempts to strengthen and re-build the network. Personal information which Sony definitely believes has been obtained by an unauthorised person: Name, Address (city, state, zip), Country, Email Address, Birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. Personal information which Sony believes may have been obtained: Profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers. Credit Card information: Although there is not yet any evidence that credit card information has been obtained, Sony says that it "cannot rule out the possibility" and that your card number and expiry date may have been obtained (but not the security code). The credit card table was encrypted, however the personal data table was not. If you used the same password on any other sites/services as you use on PSN, then you should change the password for those other sites/services as soon as possible. If you had a credit or debit card attached to your PSN account, then you should at the very least pay close attention to it and look for any suspicious activity, just in case. If you notice any suspicious transactions, then phone your bank / card provider's fraud line at once. If don't notice anything but you are still worried about it, then phone your bank or card provider and ask for the card to be cancelled and replaced with a new card due to potential fraud from the PSN data breach. However, Sony is apparently going to be passing card numbers on to Financial Fraud Action (FFA), which will then pass them on to the relevant banks and card providers, so your card should hopefully be cancelled automatically if Sony believes it was at risk. If you are worried about the increased possibility of ID theft or credit fraud, due to the personal information which has been stolen (name, address, DOB, etc.), then you can request "Protective Registration" from CIFAS (the UK's Fraud Prevention Service). This costs £12 + VAT, and means a "CIFAS warning flag marked Protective Registration will then be placed on the CIFAS National Fraud Database against your name and personal details to indicate that you have been recorded at your own request for your protection". If any credit or certain other services are then applied for in your name, the warning flag tells CIFAS member organisations to be extra vigilant and undertake extra checks to ensure that the application is genuine. The CIFAS flag lasts for one year. An FAQ is here: http://www.cifas.org.uk/pr_faqs Official updates from the PlayStation Blog: These are what Sony has said so far, and include various bits of info on what has happened. 26th April - Update on PlayStation Network and Qriocity 27th April - Q&A #1 28th April - Q&A #2 "1st May - Some PlayStation Network And Qriocity Services To Be Available This Week" Quote:
15th May - Phased restoration has begun. PS3 system software version 3.61 is now available, via the PS3 directly or the PlayStation website. This version will force you to change your PSN password, once PSN is back up. "PlayStation Network Restoration Begins" Quote:
Other links: "MoneySavingExpert - PlayStation users' data stolen in hack: what should you do?" Statement from the Information Commissioner's Office Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
Possibly another update coming to stop the CFW's with certain patches playing online perhaps
|
re: PSN back online after data breach. You must change passwords [see post 1]
Update from Sony this morning
“An external intrusion on our system has affected our PlayStation Network and Qriocity services, In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services on the evening of Wednesday, April 20th.” Source No ETA on it being resolved. |
re: PSN back online after data breach. You must change passwords [see post 1]
Ha ha sounds like its that group using the name "anonymous" who has threatened to disrupt Sony as much as they can
|
re: PSN back online after data breach. You must change passwords [see post 1]
They should try hacking something bigger than Sony, Maybe the US government
They wont be so Anonymous anymore :) |
re: PSN back online after data breach. You must change passwords [see post 1]
if you look at the anonymous website, they have a big image saying "it wasnt us!"
im sure they would admit it, if it was them |
re: PSN back online after data breach. You must change passwords [see post 1]
It could be Sony subterfuge trying to get public opinion onside.
At the end of the day half the scene wouldnt have been interested in hacking the system if they didnt remove the linux options. The only defense Sony has now is PSN. I have stayed on 3.41 and a Jailbreak dongle myself but if and when 3.56 and above gets a CFW I may well update but PSN I aint bothered about anyway |
re: PSN back online after data breach. You must change passwords [see post 1]
|
re: PSN back online after data breach. You must change passwords [see post 1]
Grrr I just bought a new PS3 today and am transferring the data over, just hope I can disable the stuff on the old console after the transfer without any ill effects. Any ideas?
|
re: PSN back online after data breach. You must change passwords [see post 1]
Hope they get it back on soon.
|
re: PSN back online after data breach. You must change passwords [see post 1]
It's not by anonymous, it's a chinese group who are not happy that their Jailbreak/CRC encryption God has been told no by Sony lawyers :P
I also expect them to update PSN to detect firmware changes and disable any USB bootup access. |
re: PSN back online after data breach. You must change passwords [see post 1]
Time to change passwords & keep an eye on the credit card? ...
http://blog.us.playstation.com/2011/...-and-qriocity/ Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
That must mean they were storing passwords in the clear, i.e no hashing, utterly useless morons. That really is amateur hour.
|
re: PSN back online after data breach. You must change passwords [see post 1]
I always knew the psn was poor and it's now confirmed. Sony are totally useless.
|
re: PSN back online after data breach. You must change passwords [see post 1]
only psn, who cares ? if it was xbox live it would be the end of the world!!! :D
|
re: PSN back online after data breach. You must change passwords [see post 1]
i have both an xbox and a ps3 and i think ps3 is far better
|
re: PSN back online after data breach. You must change passwords [see post 1]
Lets not turn the thread in to another PS3 Vs Xbox one. Thank you.
Personally the PSN is really poor compared to Live and its also been confirmed that Sony had little or no encryption/security on customer details. Not good at all. They better get this all sorted soon and will have to prove to people that they are implementing new security measures to prevent something like this happening again. |
re: PSN back online after data breach. You must change passwords [see post 1]
Even if users' credit card numbers & security answers haven't been stolen, there is still a lot of sensitive personal information which has... Name, Address, Date of Birth, email address, etc. ...
I hope no one used the same password for PSN on any other sites or services... If anyone has their credit card info on PSN, I think you should cancel the card, just in case. If anyone is really worried about potential fraud or ID theft due to the breach, then you can register (for a small fee) with CIFAS for extra protection: http://www.cifas.org.uk/pr_for_individuals Quote:
I can't actually remember which card I used on PSN. If it was my debit card, then I'm fine as it's long since changed & the one on PSN would be expired. I don't think I used a credit card, but I'm not 100% sure now... |
re: PSN back online after data breach. You must change passwords [see post 1]
as has been said, they need to sort out security, how could they not have any form of protection on the data? surely thats a data protection issue??
and while they are patching their systems up, they can sort out something with the CFW's, I personally dont mind people loading whatever software they want, afterall, your not forced to use windows, you can install any OS you want on your computer, but when its used to start hacking games, that does my nut in. Theres no point trying to get ranked highly in the world on call of duty because the top million players have all hacked, and there are people who have hacked to max their scores out, then others who have boosted them slightly, as made it less obvious that its a hacked score. so all in all, sony need to boost security on all fronts |
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
I emailed the Information Commissioner's Office last night, via the Data Protection Complaints page. Just a query, rather than a full official complaint using the DPA complaint form. casework@ico.gsi.gov.uk ---------- Post added at 14:49 ---------- Previous post was at 13:49 ---------- LOLZ... https://www.cableforum.co.uk/images/local/2011/04/7.gif http://dribbble.com/system/users/227...store-top5.jpg |
re: PSN back online after data breach. You must change passwords [see post 1]
I heard on CBS News (on Sky News 1am) that some 75,000,000 credit details may have been stolen.
If this true then Sony could face a lot of agro from those people who have money taken out of their credit card. I would call my credit card company and get them to send a replacement card ASAP. Thank god I'm on XBL. |
re: PSN back online after data breach. You must change passwords [see post 1]
Well, it's 77 million total PSN accounts. Not all of them will have credit/debit card info associated with them.
I checked through my emails to find out which card I used for PSN... It was an old & now expired card, last used to purchase stuff from PSN in late 2008, so I'm safe regarding that, at least. Still worrying re. all the other data though... name, address, DOB, email, etc., & potentially also security answers (e.g. mother's maiden name). |
re: PSN back online after data breach. You must change passwords [see post 1]
I know people are fearing the worst but I don't think they will do anything at all with the data. I think they were just out to totally screw Sony and show it is easy it would be.
|
re: PSN back online after data breach. You must change passwords [see post 1]
... Or they may sell the data on to credit/ID thieves...
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
Quote:
---------- Post added at 20:58 ---------- Previous post was at 20:56 ---------- Quote:
...until that gets hacked.... |
re: PSN back online after data breach. You must change passwords [see post 1]
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
I was talking about the actual on line services of the console in my post, the post before mine just claimed one console was rubbish compared to the other. |
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
Quote:
Personally Live is poor compared to PSN because I don't have it :D |
re: PSN back online after data breach. You must change passwords [see post 1]
Well with regards to the security question I would never pick a dangerous one, I have in the past selected other less senative ones, fav drink, first pet etc.
|
re: PSN back online after data breach. You must change passwords [see post 1]
have the hackers got everyone details who goes on the psn?
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
MoneySavingExpert - PlayStation users' data stolen in hack: what should you do?
Quote:
---------- Post added at 03:37 ---------- Previous post was at 03:04 ---------- New Q&A from Sony: http://blog.us.playstation.com/2011/...city-services/ |
re: PSN back online after data breach. You must change passwords [see post 1]
The legal repercussions have started - Link
|
re: PSN back online after data breach. You must change passwords [see post 1]
I see the American's are first to sue anything not tied down again lol
But then again even if Sony had brilliant network security and it was a hard job for any hacker to gain access, whether its .htaccess or whatever, the American's would sue anyways :P Hell they would sue if there was a pin point stain on a case of a PS3. "I am suing Sony for the sum of $100,000 because the stain distressed my son and the whole family". |
re: PSN back online after data breach. You must change passwords [see post 1]
Statement from the Information Commissioner's Office
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
I learned a while back if you know someone has the capability to either DDOS you to death or knows what he is doing in regards to security compromise then dont mess them about, just ignore them as you dont want their focus. Nothing is 100% secure, its impossible. The best in the world if focused will get in to anything.
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
In short, if you ignore a hacker, he or she will probably go away. If Sony does, word will get round and it'll actually attract more hackers. |
re: PSN back online after data breach. You must change passwords [see post 1]
|
re: PSN back online after data breach. You must change passwords [see post 1]
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
Anyone big or small can be a victim. I have also been subject to other attacks although much weaker and managed to persuade those attackers to stop. It was the co-operation of above.net and a couple of other upstream providers who were willing to filter out the traffic based on data I passed on that allowed me and my colleagues to keep services online during the large attack. They all did this at no cost surprisingly so was very nice of them, as the amount of traffic filtered must have ran into 100's of terabytes. Although we could have kept services online without filtering the costs wouldnt have been viable. Someone on our behalf one of our users retalliated as well against the dns servers controlling his botnets as he had a weakpoint, this also gave us about 2 days reprieve whilst he rerouted his dns. Apparently it was the first time someone had managed to kill his botnet and the attacks were short after he recovered and moved onto another target, but by then it was too late for him and we knew his address. The same rules applies to anyone or company really and that is dont think you invincable in the online world and be careful of who you upset. as an added note the sites were not web sites and were direct competition to the attacker. |
re: PSN back online after data breach. You must change passwords [see post 1]
any news when we likley to be back on?
|
re: PSN back online after data breach. You must change passwords [see post 1]
Looking from the updates some parts will be running from next week Wednesday, great another weekend with out a bit of online action after a long day of resting in the garden.
|
re: PSN back online after data breach. You must change passwords [see post 1]
Announcement from the Sony press conference this morning
http://blog.eu.playstation.com/2011/...ble-this-week/ It details some of the changes to their security systems and also announces their "Welcome Back" Program Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
I think that is a pretty good offer of free services for the downtime. The 30 days PSN and Qriocity for those subscribed was pretty much a must do, but to give all users free PSN + and some free content is a pretty good sweetner.
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
So... what's the betting that the free content is just a theme? ;)
Not remotely bothered about the free month of PlayStation Plus, as I think its "benefits" are only really of any use if you continue to subscribe? Still, it's good that they're offering something, and it's good to have another more comprehensive update on what's going on. |
re: PSN back online after data breach. You must change passwords [see post 1]
whats on the play station plus anyway?
|
re: PSN back online after data breach. You must change passwords [see post 1]
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
who thinks it will get breached again?
|
re: PSN back online after data breach. You must change passwords [see post 1]
Does anyone know how I can find out if I ever entered my credit card details into the sony network? I can't remember if I ever did.
|
re: PSN back online after data breach. You must change passwords [see post 1]
Just go into Billing Details when it comes back online :confused:
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
Quote:
Quote:
However, credit card info should hopefully be OK. It was in the "probably not compromised but we'd better warn people anyway" category, unlike your name, address, DOB etc. (which was all in the "oops, that's all been taken" category). Sony said all Credit Card info was encrypted (& I think it may have been on a separate server), which from what I have read is a requirement of international payment card industry security standards. And according to MSE: http://www.moneysavingexpert.com/new...stolen-in-hack Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
On the Playstation I mean? Or do I go online to a website to reset it? Will it recognize me if I have formatted and used a different HDD and/or console? My console was repaired as well before but I may have been given new internals/refurb since I signed up.
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
Sony Online Entertainment servers have now been shut down due to an unnamed intrusion!
http://www.neowin.net/news/sony-onli...amed-intrusion |
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
http://uk.pc.ign.com/articles/116/1165583p1.html Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
storing encrypted is standard practice now days for anything billing related so is poor from sony in that regard.
|
re: PSN back online after data breach. You must change passwords [see post 1]
http://www.bbc.co.uk/news/technology-13256817
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
I use my work email addy for one of my PSN accounts and since receiving the email from Sony regarding the PSN breach, I've had dozens of spam emails from eastern european ladies looking for relationships and seeking contact via Skype.
Obviously I deleted them all and added the sender to the blocked list but a coincidence I think not. |
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
:D Couldnt resist :p: |
re: PSN back online after data breach. You must change passwords [see post 1]
As part of my yahoo mail package I have a unique email address for my PSN, and I have received no spam at all on it.
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
Fingers crossed it's all back up and running this evening, I'm missing GT5 |
re: PSN back online after data breach. You must change passwords [see post 1]
I just want to get my PSN+ stuff, it's the turn of the month now! :D
Although I hope it is not dumbed down as it is free to all this month! |
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
I wonder if sony have taken advantage of this to upgrade their servers capacity because they normally grind to a halt when map pack's get released. |
re: PSN back online after data breach. You must change passwords [see post 1]
"Sony’s Response to the U.S. House of Representatives"
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
---------- Post added 05-05-2011 at 00:04 ---------- Previous post was 04-05-2011 at 23:34 ---------- does anyone know when PSN will be back online? |
re: PSN back online after data breach. You must change passwords [see post 1]
Going off word of mouth from a mate, he was expecting the PSN network to be back up and running at 1am this morning, but because Sony had found that another 20 million users details had been stolen it may be delayed further, how true this is I cant say.
Just to add I had a phone call from a guy claiming to be from Northern Rock last night saying they wish to discuss something with me but before they could proceed they need to ask some security questions, so I said unless your willing to disclose what its about you aint getting jack out of me. This went back and too a few times so I said to the guy listen, given the fact that PSN has just been hacked, I'm not comfortable handing over personal info over the phone, the chap was very understanding, gave me his name and number and asked me to ring back in the morning. It's probably genuine as I have dealing's with NR but I'm not taking any chances. |
re: PSN back online after data breach. You must change passwords [see post 1]
Sony have been very quiet again, looks like this week is off then!
Also I am confused at how people are still posting on the official PS forums when you can't log into PSN? Hows that work then? |
re: PSN back online after data breach. You must change passwords [see post 1]
Probably seperate MYSQL database for the forums.
|
re: PSN back online after data breach. You must change passwords [see post 1]
also likely different physical servers.
|
re: PSN back online after data breach. You must change passwords [see post 1]
Yeah, but then I would be able to log in - and I can't?
|
re: PSN back online after data breach. You must change passwords [see post 1]
Sony knew PSN had security flaws before it was hacked!
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
what he said about security updates is very true, I know this first hand when I have had people telling me to prioritise uptime over patching updates. However alot of updates would only need a few seconds downtime most of the time and in addition a company the size of sony I would expect to have redundant setup's so they can take servers offline without affecting uptime.
|
re: PSN back online after data breach. You must change passwords [see post 1]
So when's it coming back online, I'm getting the shakes man :D:D
Just kidding So has anyone got any firm news, a mate just text me saying it could be on by 10pm tonight or tomorrow, it would appear the goalpost's are continually moving. The same mate also said PSN is ready to go and that Japan will be first, again how true this is I dunno. |
re: PSN back online after data breach. You must change passwords [see post 1]
all your trophies will be gone!!!! all account details were on a memory stick, buried in the sea, with bin laden! all your progress will be lost and you will be forced to create a new account
yeah yeah i know its BS, just like every other rumour. if sony had given a time, either they would make it official, or someone, a news site or something would post it |
re: PSN back online after data breach. You must change passwords [see post 1]
http://www.bbc.co.uk/news/business-13288532
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
It is not Anonymous, it is a Chinese hacking group, who announced today they will go for a 3rd attack because of the way Sony has conducted themselves during the previous 2 attacks.
|
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
|
re: PSN back online after data breach. You must change passwords [see post 1]
I'm getting hacked off with all this now :tiptoe: , thanks for the linky Ravenheart :D
|
re: PSN back online after data breach. You must change passwords [see post 1]
More information on the "Welcome Back" scheme and Sony are working on an EU version of the years free identity theft insurance offered to US users.
http://blog.eu.playstation.com/2011/...tion-offering/ |
re: PSN back online after data breach. You must change passwords [see post 1]
they stuck in a hard place.
the nightmare scenario is they bring services back up (I expect they ready to do this now) but then get compromised again making them look incompetant. At some point they will have to bring services back online, they cant hide behind been offline forever. |
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
I have seen corporate sites using versions of apache years old. given that updating apache will typically give a downtime of about 1 second up to maybe 5 seconds or so if busy for the restart I think its not excusable.
|
re: PSN back online after data breach. You must change passwords [see post 1]
Even then they could have had a sister server running an updated apache while the main server was updated and restarted.
|
re: PSN back online after data breach. You must change passwords [see post 1]
A company the size of sony I would expect to have multiple apache sitting behind a proxy (proxy also acts as security filter and cache) and as you said be able to take down apache slaves without downtime. But what I would expect and what they do can obviously be very different things.
|
re: PSN back online after data breach. You must change passwords [see post 1]
Latest update
Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
Another day another data breach?
Quote:
Then an update with more info Here Quote:
|
re: PSN back online after data breach. You must change passwords [see post 1]
hurry up sony :(
im glad iv got an xbox to play on in the meantime |
re: PSN back online after data breach. You must change passwords [see post 1]
any news when we going to be back on?
|
re: PSN back online after data breach. You must change passwords [see post 1]
they reckon by the 31st may , but dont hold your breath ive passed out several times already :)
http://www.maxconsole.net/content.ph...-further-weeks thank god ive got black ops on the 360 as well |
re: PSN back online after data breach. You must change passwords [see post 1]
So, it seems the allegations that was running an outdated Apache server and no firewall are actually a load of rubbish.
http://bitmob.com/articles/detective...ers-up-to-date |
re: PSN back online after data breach. You must change passwords [see post 1]
every site linked to from this thread is incredibly slow to load or doesnt load without disabling adblockers.
bitmob.com incidently fails to load anything at all. 1 1 ms <1 ms <1 ms home.gateway2 [192.168.1.1] 2 10 ms 7 ms 7 ms cpc14-leic14-2-0-gw.8-1.cable.virginmedia.com [8 .30.112.1] 3 8 ms 7 ms 8 ms leic-core-1a-ae3-2231.network.virginmedia.net [8 .3.33.45] 4 8 ms 11 ms 11 ms leed-bb-1a-as8-0.network.virginmedia.net [213.10 .172.17] 5 15 ms 14 ms 14 ms popl-bb-1b-as1-0.network.virginmedia.net [62.253 185.238] 6 14 ms 15 ms 16 ms popl-tmr-2-ae5-0.network.virginmedia.net [213.10 .159.6] 7 16 ms 15 ms 15 ms tele-ic-2-as0-0.network.virginmedia.net [62.253. 84.6] 8 * * * Request timed out. |
re: PSN back online after data breach. You must change passwords [see post 1]
Quote:
|
All times are GMT +1. The time now is 06:08. |
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.