Support NeoGAF

[bigdaddygamebot]

So...being a tool and having posted on Kotaku over two years ago...I got fucked and had to change all my passwords.

Now...because of Sony...I'm changing all my passwords again. rad.

 

[The Lamonster]

Sony fucked up bigtime. What a bunch of asses. I wish I never even bought a PS3 now, it's not like I ever played games on it anyway, until MK came along.

 

[zerokoolpsx]

Wow. Didn't think it was that severe. I know what to do when I get back on PSN again.

 

[Barrett2]

Yeah, it's bad. Each state has certain requirements when a data breach such as this happens, as well as each country. The thing is is that this breach is potentially so large, the regulations simply can't be met. I wouldn't even know where to begin if Sony came to me with this. At my firm we joke that when a data breach happens, it "blocks out the sun" for us for a few weeks, and those are for data breaches that are FAR, FAR, FAR smaller than this. This is going to be a nightmare.

This will prove to be an interesting case study, at the very least, and without question, laws and regulations will have to be drafted and/or amended because of this. I'm very curious as to what they do...

I attended a seminar once where they talked about this. I had no idea there were so many costs associated. Can you even imagine informing the insurance carrier? Oh hi, turns out we had a data breach... all 75,000,000 accounts.... in 40 different countries.

Sweet Jesus.

 

[phosphor112]

What? What was that? Cfw wont affect honest users? Hmm? Its only for otherOS?

We are freaking out? Making a big deal? Whats that, your mkv is more important? Hmmm. No proof this will disrupt psn and online? Yea...

My media playback device though D;=...

heh...

 

[darkwing]

They will be fine. Shit like this is not uncommon.

Still infuriating though.

nah i think this is the biggest stolen info ever, i can't think of anything bigger

 

[SolidSnakex]

The fact that they didn't tell sooner is what's so annoying. I couldn't care less who has my name and address.

Why are you assuming that they knew how deep it went earlier? In that FAQ they mention that they brought in a security firm to look into this so it wouldn't make sense for them to sit on it for an extended period of time (specifically a week as some are suggesting). They should take heat over this regardless but I don't see any indication that they've known about it for days now.

 

[CAW]

Problem solved.

If you had a time machine.

 

[RiZ III]

Fuuuuuuuuuuuuuuuuuuuuuuuuuuuu!!!!!

 

[Calcaneus]

Holy shit, how can such a huge company fuck up this badly over basic shit. And I'm supposed to trust these guys? Fuck that. I'm taking as much of my info I can off there asap.

 

[Ferrio]

I'm guessing BlimBlim's theory may turn out to be correct.

That most of the focus with PSN was on the client-side security and not the server-side. When the PS3 security imploded, it meant security through invisibility was broken and led to the discovery of exploits through brute-force.

They did their best to lock compromised PS3's out of the network, but didn't shore-up the network itself. Hench all the 'rebuilding' going on now.

Yep they should of done the rebuild soon as that happened, they took a gamble... it didn't work well.

 

[see5harp]

I think it's pretty ignorant for people to say PSN security was shitty just because it was hacked.

If a group of determined script kiddies set their sights on XBL instead of PSN, XBL would be down for the count too.

Here we go again with this "script kiddies" nonsense. This was not a DDOS attack by some random kids on a messageboard.

 

[captmcblack]

I had my debit card in there.

Gotta change my password there, and get on that 1Password stuff too in general.
Gotta disassociate my debit card as well - and maybe get a new one altogether.

*sigh*

 

[BeeDog]

I'm just wondering, when the Gawker shit occured, did people actually see the password/account lists floating around? If the same shit will happen here, I hope good community members will notify of that happening.

 

[Adamm]

So...being a tool and having posted on Kotaku over two years ago...I got fucked and had to change all my passwords.

Now...because of Sony...I'm changing all my passwords again. rad.

You really shouldnt use the same password for everything anyway

 

[Won]

Haven't used PSN for a long time. Have absolutely no idea what this means for me.

 

[Relix]

Haha can't even remember my PSN password =P.

 

[Spooks]

So I just so happened to remove my cc info from psn a couple weeks before this all happened. Am I still fuuucked?

 

[Metalmurphy]

I still don't understand why Sony took 6 fucking days before saying anything. As soon as they suspected something was up they should have notified everyone. Absolutely ridiculous

It's not wise to say something till you know exactly what happened.

 

[Chorazin]

Ok, so basically these Hackers got all the information (except your PSN password unless you're an idiot) one could get by having your name, Google, and ten minutes?

Until they have evidence that credit card numbers and expiration dates were accessed, we should be fine. It's bullshit that it took them a week to tell us, but it could be waaaaay worse.

 

[Interfectum]

They will be fine. Shit like this is not uncommon.

Still infuriating though.

Uh, this shit is pretty uncommon.

 

[mufraka]

FUCK SONY SERIOUSLY

.

 

[woolley]

Do you need to know the current account password to change the password?

 

[notworksafe]

Holy shit, how can such a huge company fuck up this badly over basic shit. And I'm supposed to trust these guys? Fuck that. I'm taking as much of my info I can off there asap.

Why? If it's been taken, it's already out there. And after this security there will be tighter than ever.

 

[GreekWolf]

Hackers should receive the lion's share of the rage, that much is certain.

However, one thing is guaranteed... I won't be trusting Sony with my account information ever again. EVER. This is as ridiculous and incompetent as RRoD, except that I doubt Sony will be compensating for identity theft. I mean, seriously... holy shit.

Edit: Already see the delusional crowd banging the corporate drum. This isn't the right time, guys. Just lay low for a bit.

 

[Rebel Leader]

So I just so happened to remove my cc info from psn a couple weeks before this all happened. Am I still fuuucked?

I don't know.

 

[Dreamgazer]

So anyone out there still want to defend the hackers? lol.

 

[sajj316]

Until there are confirmed reports that people's ccs were stolen and used, I'm not worried

This. Why aren't there confirmed reports of stolen CC info used since the breach? I believe the intrusion wasn't intended to me malicious but rather a rude awakening for Sony.

 

[Plinko]

Ok, so basically these Hackers got all the information (except your PSN password unless you're an idiot) one could get by having your name, Google, and ten minutes?

Until they have evidence that credit card numbers and expiration dates were accessed, we should be fine. It's bullshit that it took them a week to tell us, but it could be waaaaay worse.

But the way Sony worded it in their release is extremely suspect and leads me to believe it's been taken.

 

[Boogiepop]

If I just made my account but didn't do anything with it, it should have any critical data of any sort, right? Like, the baseline for getting on and downloading a demo. I haven't done anything significant with my account so it shouldn't have my CC or anything, but it's been a while since I signed up.

 

[tim.mbp]

Not taking any chances. Called my bank and they put a stop on my debit card. New one issued, but might take up to two weeks to arrive. Thanks Sony!

 

[Cyborg]

And this is why Sony should go all out taking down these hackers.

this....

 

[Brandson]

If Sony has no way of distinguishing legit PSN account owners from identity thieves upon login, does that mean Sony is going to have to wipe all PSN accounts and start clean? Presumably many users will not be able to login instantaneously once PSN is re-activated, allowing hackers to login for them, change their password and keep the account. Alternatively, if you are able to login fast enough to change your password, couldn't a hacker just call Sony later claiming their account was stolen and get Sony to change your password so only the hacker has access anyway? If they have all your info, there's no way for Sony to distinguish between legit customers and hackers. Deleting all PSN accounts seems like the only way forward at this point.

 

[An-Det]

Joke's on them, my credit card was already maxed out.

Seriously though, goddamn.

 

[wonderkins]

And yet still there are individuals who are dissembling about Sony's responsibility. Bewildering.

 

[Adamm]

I'm just wondering, when the Gawker shit occured, did people actually see the password/account lists floating around? If the same shit will happen here, I hope good community members will notify of that happening.

The encrypted list was easily obtainable from torrent sites

Would sony really store CC/password info unencrypted?

 

[obonicus]

I still don't understand why Sony took 6 fucking days before saying anything. As soon as they suspected something was up they should have notified everyone. Absolutely ridiculous

They didn't know. The security audit mentioned isn't just some formality; it's to go and find out just exactly what had happened.

 

[SmithnCo]

So anyone out there still want to defend the hackers? lol.

No, but not a lot of people will defend Sony either. What a clusterfuck.

 

[Jerk]

Uh, this shit is pretty uncommon.

It happens frequently enough that there is no reason to believe that any of the damage will be long term.

 

[mxgt]

Joke's on me for not removing my debit card info from my EU PSN account when I sold my PS3.

Fuck Sony.

 

[Mr. Luchador]

So, I wonder, under UK Law have Sony failed to adhere to the Data Protection Act?

 

[SolidSnakex]

Do you need to know the current account password to change the password?

You input your current password and then you're able to change it.

 

[kadotsu]

So...being a tool and having posted on Kotaku over two years ago...I got fucked and had to change all my passwords.

Now...because of Sony...I'm changing all my passwords again. rad.

This time try to create no password redundancy. Its the best weapon against hackers.

 

[Mercury Fred]

If anyone gets all of the money drained from their accounts because of this they can just get a second job.

 

[Oozinator]

I DEMAND cash COMPENSATION from Sony for their careless handling and leak of my private personal information and for the emotional trauma this is causing to me and my family !

Sony's resolution department may contact me to arrange a wire transfer to my bank account in Morocco.


Let's start a worldwide class-action lawsuit at the Hague International Court of Justice.

 

[Foliorum Viridum]

Another fucking week?

This is ridiculous.

 

[Neuromancer]

I'm just wondering, when the Gawker shit occured, did people actually see the password/account lists floating around? If the same shit will happen here, I hope good community members will notify of that happening.

It's funny, I actually thought I was OK until I got an email from Groupon saying my email address was among those posted, along with my password.

 

[MThanded]

If Sony has no way of distinguishing legit PSN account owners from identity thieves upon login, does that mean Sony is going to have to wipe all PSN accounts and start clean? Presumably many users will not be able to login instantaneously once PSN is re-activated, allowing hackers to login for them, change their password and keep the account. Alternatively, if you are able to login fast enough to change your password, couldn't a hacker just call Sony later claiming their account was stolen and get Sony to change your password so only the hacker has access anyway? If they have all your info, there's no way for Sony to distinguish between legit customers and hackers. Deleting all PSN accounts seems like the only way forward at this point.

yeah its jacked

 

[iamvin22]

Sony fucked up bigtime. What a bunch of asses. I wish I never even bought a PS3 now, it's not like I ever played games on it anyway, until MK came along.

Lol. This one is going in my archive of classic-GAF post. Thanks dude

 

[Barrett2]

www.wallstreetjournal.com