-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
PSN Hack Update: FAQs in OP, Read before posting
- Thread starter Killthee
- Start date
- Status
Zombie James
Banned
Nice to know the credit card data was encrypted (which should be a fucking given). One less thing to worry about.
jim-jam bongs
Member
Raistlin said:
When people refer to "out of date" OS software in this context they mean specifically that it hasn't been patched to the current secure build. And yes, the government does use ancient server software because that software is no longer being updated, so is no longer being patched for security because it's considered to be secure until someone finds a hole. We don't still run Redhat 4 on a couple of our environments for the lols dude.
Professor Beef
Banned
I missed Sonic Fanfics? Damn.
lol no. They are going to take you through the whole deal of making sure you are who you say you are, they are going to look at your account and try to figure why you are wanting to close the account, they are going to ask you why you think your account is compromised, they will begin asking about specific transactions and asking for confirmations. transfer to other dept etc.Persona7 said:
You are going to be on the phone for at least 30 to 45 minutes.
Has EA made it any easier to link to a different email?
Like lets say I link my PSN account to a new email and want my EA account(linked to psn) to link to the new email as well, I had a hard time doing that simple process awhile back.
Took me 2 minutes and they even let me pick up a temporary card from the bank.
I'm talking about bank cards here.
Like lets say I link my PSN account to a new email and want my EA account(linked to psn) to link to the new email as well, I had a hard time doing that simple process awhile back.
Why would you close your account? You simply tell them to issue you a new credit/debit card. They will just unauthorize your old one and give you a brand new set of numbers.bangai-o said:
Took me 2 minutes and they even let me pick up a temporary card from the bank.
I'm talking about bank cards here.
CurlySaysX
Banned
One of my bills that comes through the mail was opened by someone yesterday and was left in my letterbox without an envelope in the newspaper/junkmail section.
Fuck Sony.
Fuck Sony.
Nope, I thought it was that way because it seems like the perfect way to do it but I found that out the hard way and got locked out of mass effect 2 content because my old 2 emails didn't match.darkwing said:
When you make an EA account you enter an email (which is a bitch to change if you ever switch the email associated to your PSN or XBL account) and then it creates a Persona for whatever game service you linked it too.
Dreamgazer
Member
CurlySaysX said:
That was me, sucker!
cjtiger300
Member
Vagabundo said:
The amount of misinformation in this post is insane. By the way, do you want friend code? I guess thats one way not to lose any info.
cjtiger300
Member
Vagabundo said:
Why are people using this as a credible source? The Credit Card info was encrypted.
Lord Error
Insane For Sony
The problem is that you can't really do much about your personal data being used against you, other than being more cautious about emails and phone calls that try to mine extra information from you. As for the credit card, it really seems unlikely at this point that it's worth the hassle replacing it over this. It was encrypted, and probably not stolen to being with, so why bother. Especially since your bank will block and refund fraudulent transactions quickly if they are worth their salt. I'll be monitoring my cc statement online more carefully in the next few weeks, but don't see a reason to do anything beyond that.blazinglazers said:
Maximilian E.
AKA MS-Evangelist
Kinda OT but some kind of amusing...
Was reading over at ars their small review of the game Outland.
The final segment of the text is as follows:
ouch..
Was reading over at ars their small review of the game Outland.
The final segment of the text is as follows:
ouch..
SoccerGoaliePro
Banned
I hope sony goes after those hackers and send them to jail for life.
-Pyromaniac-
Member
The new faq sounds good. Can't wait for it all to be up and running again.
blazinglazers
Member
Bro, you can call your bank and tell them that you think your credit card has been compromised. They will verify that you are who you say you are, and then they'll close your current card, open up a new one, and transfer your balance over if you have one. They'll mail you the new card. This is all free of charge. The whole process takes mere minutes. It's no biggie.bangai-o said:
Well you sound like you've got a good plan. I guess where we diverge is the "why bother" part. You're making assumptions that could have consequences if you're wrong. You're choosing to be reactive to possible theft, rather than pro-actively defending yourself. Changing your credit card takes a single phone call and costs you about five minutes of your time. In exchange you don't have to hope for or assume anything. You're done. Based on my past experiences with my bank and the various forms of identity theft that I've been exposed to, it's been a hassle to deal with even if in the end nothing permanent happened. It still sucked. I fully respect your choice to play it cool, but it rubs me the wrong way to see other people in this thread belittling the situation or those who've got legit concerns.Lord Error said:
Considering Sony left the whole personal data table not encrypted I wouldn't put much faith into the encryption they used for credit cards.
Who knows, the hacker could've taken advantage of their server to decrypt the card numbers too. Obviously, there is a decrypt function, since the PSN remembers your CC data when placing future transactions.
If you are concerned at all, cancel your damn card.
Who knows, the hacker could've taken advantage of their server to decrypt the card numbers too. Obviously, there is a decrypt function, since the PSN remembers your CC data when placing future transactions.
If you are concerned at all, cancel your damn card.
fistwell_old
Member
What the f has this to do with card numbers? I've had cards canceled+replaced with 5 minute phone conversations many times. But yeah, if you want to close the account, open a new one, change country, sex-change operation, etc, that may take a while.bangai-o said:
Present situation doesnt call for any of that shit tho.
BocoDragon
or, How I Learned to Stop Worrying and Realize This Assgrab is Delicious
You'll be out of a card for a few days to a few weeks. Not saying it's that big a deal but.....blazinglazers said:
Contrary to passwords where one way hashes are a basically perfect way to securely store it (as long as you know what you are doing), credit cards numbers have to be encrypted in a way that allows for a way to decrypt them too, otherwise there is no point in storing them in the first place. This decryption has to be done somewhere in PSN's code before calling the credit card payment system, and it's very much possible that the hacker(s) managed to get to the decryption keys, since they have to be available one way or another to do the actual payment.cjtiger300 said:
Hopefully Sony was storing the CC numbers on a highly secured and separate network of servers that the PSN front servers would only call to do the actual payment, it's the sanest way to do such thing.
fistwell_old
Member
You're forgetting the cavity search. Conveniently forgetting i might add.Dead Man said:
Professor Beef
Banned
Who said everyone would be scared?Dead Man said:
fistwell_old
Member
I hear some people enjoy it...Dead Man said:
Edit: beaten with a stick.
cjtiger300
Member
That may be true, but a chat log, which anyone could type up is not a credible source.Blimblim said:
Professor Beef
Banned
It's already been worked on for this long. if it's anything like the PSP version of the store, then the PS3 and portable stores aren't wildly different from each other to begin with.onQ123 said:
If this is true at all, that is.
VisanidethDM
Banned
Yikes, first post.
I'm trying to catch up with the thread, but as a bit of potentially useful information, I contacted my CC company customer service yesterday in order to lower the threshold of the SMS warning on CC operations to 50 (it's a very useful service for spotting CC scams and it's generally free on VISA cards).
I stated the reason was that an online service I was using had been potentially compromised. The customer service employee followed the procedure and when we were done, he asked me if this was about "the Sony issue". We discussed a bit and he told me that they had been in fact warned by Sony "prior to the Easter vacations" (which would mean before last Friday) and they had been monitoring operations tied to the Sony websites and cards since then. He in fact stated that all operations tied to Sony websites were blocked at the time.
Take it as you will (I doubt any official statement about being warned by Sony would be given consider the -unlikely- chance of class actions, in order not to join the "you knew and told nothing" bandwagon). This would on one hand confirm that Sony knew well before they told us, but on the other hand, also that they took action immediately to try and prevent any CC scam issue.
I had sent this info to the staff in case it was possibly relevant to the discussion, so ignore the double post in case it was already reported.
Sure it's nice to be able to post finally!
I'm trying to catch up with the thread, but as a bit of potentially useful information, I contacted my CC company customer service yesterday in order to lower the threshold of the SMS warning on CC operations to 50 (it's a very useful service for spotting CC scams and it's generally free on VISA cards).
I stated the reason was that an online service I was using had been potentially compromised. The customer service employee followed the procedure and when we were done, he asked me if this was about "the Sony issue". We discussed a bit and he told me that they had been in fact warned by Sony "prior to the Easter vacations" (which would mean before last Friday) and they had been monitoring operations tied to the Sony websites and cards since then. He in fact stated that all operations tied to Sony websites were blocked at the time.
Take it as you will (I doubt any official statement about being warned by Sony would be given consider the -unlikely- chance of class actions, in order not to join the "you knew and told nothing" bandwagon). This would on one hand confirm that Sony knew well before they told us, but on the other hand, also that they took action immediately to try and prevent any CC scam issue.
I had sent this info to the staff in case it was possibly relevant to the discussion, so ignore the double post in case it was already reported.
Sure it's nice to be able to post finally!
UberTag
Member
Hey Blimblim, any chance you can elaborate further on the above point?Blimblim said:
While it's been stated that existing CC data was being stored in encrypted fashion (and I fully believe that's the case), when does that encryption process take place? Does it happen immediately upon the PI being associated to the customer's account via the console, PSP, PSN/Qriocity website? Or does that process happen further down the road? Furthermore, what rationale would there have been from a cost effectiveness standpoint for Sony to not have encrypted other customer information in their database?
I've been trying to wrap my head around a scenario where the hackers "may have had access to credit card information" yet did not have access to decryption keys. Understanding whether or not unencrypted credit card details could have been accessed if transactions took place from April 17-19 when the network was compromised would shed some light on the situation.
DoctorButt
Member
CurlySaysX said:
My dog just pooped in my sink and I have to clean it up
Fuck Sony.
Combichristoffersen
Combovers don't work when there is no hair
DoctorButt said:
My grandfather found out he has cancer last summer.
Fuck Sony.
BocoDragon
or, How I Learned to Stop Worrying and Realize This Assgrab is Delicious
Fuck Sony.Combichristoffersen said:
Fuck Sony.
Lord Error
Insane For Sony
While you may be onto something (and will kind of be correct to be honest, if they finally enable voice chat like that rumor is suggesting) that's not how it works in legal system. This is considered a criminal activity, and if person(s) who did this are found, they will go to jail. Last example was that guy who over the past few years stole millions of CC numbers from a few banking institutions, but eventually got caught and got 20 years in jail.dzukela said:
- Status