Support NeoGAF

[hikarutilmitt]

A major breach such as this one, the company needs to pay some of it too. They're responsible for things belonging to millions of other people, and are then letting it just get taken.

If a bank gets robbed, it's totally their fault for only having locks, guards and cameras, not laser-guided missile systems and pressure-sensitive floor plates with automatons and werewolves for extra backup precautions.

 

[Kagari]

Wow, still down?

lol

At least your DCU time will be compensated. They said it won't be back until next week.

 

[Mercury Fred]

At least your DCU time will be compensated. They said it won't be back until next week.

=/ eek

I was hoping it still might be back sometime this week.

I guess the DCU time is something though. sigh.

 

[Loudninja]

Wow, still down?

lol

Yes they already said it well take a week to get some services back, so we wont get anything until next week.

 

[marathonfool]

Sony held accountable? What would they benefit from? $20 in compensation? time lost from work? A simple google search leads to plenty of other major "data" incidents this year, with people taking no action. I didnt see BOA user rally in support to take BOA to court...people are.augh.

Hell hath no fury like a nerd scorned. These types of class action settlements line the pockets of lawyers. The consumers almost never receive monetary compensation.

 

[Jburton]

I want to know this too. Is there more information regarding this out there that isnt linked in the OP or on the PS blog?

Yeah, it seems a lot of the info floating around is being hailed as fact is anything but.

Facts and figures are appearing from nowhere.


We are up to our necks in bullshit.

 

[GenericUser]

CC locked, passwords changed, waiting for some free games to DL.

 

[The Lamonster]

Just got my e-mail (US).

 

[Jinfash]

Has the Digital Foundry article been posted/discussed yet?

 

[malingenie]

Sony held accountable? What would they benefit from? $20 in compensation? time lost from work? A simple google search leads to plenty of other major "data" incidents this year, with people taking no action. I didnt see BOA user rally in support to take BOA to court...people are.augh.

The word is entitled, people are entitled. I dont know why. They think that they 'deserve' things that under the scrutiny of logic would be laughable.

 

[get2sammyb]

Last week, late in the week, I received a spam text and a spam phone call from a blocked number. I have had the same phone number for 5 years and have never once received any kind of telemarketing. Also, my facebook was ji-jacked last week as well and I am always very careful with my passwords on facebook and I've never clicked any suspicious links on there. I think this stuff is sadly related to the PSN data compromise

Does the PSN even store phone numbers?

 

[LiK]

Yeah, it seems a lot of the info floating around is being hailed as fact is anything but.

Facts and figures are appearing from nowhere.


We are up to our necks in bullshit.

Yup, people should just stick with the OP here. Only facts from Sony are posted.

 

[Shao Kahn Brewing a Stew]

A guy knocked on my door and gave me a package. I opened it and it's an empty case for Mortal Kombat. The last game I was playing before I disconnected was Mortal Kombat. Can it be the hackers? I'm afraid guys!! I'm also listening to MK soundtrack as I type this. This is way too coincidental!!

 

[Captain Tuttle]

Hell hath no fury like a nerd scorned. These types of class action settlements line the pockets of lawyers. The consumers almost never receive monetary compensation.

It punishes the company though. IF it turns out that Sony was negligent in securing information they should and will have to pay. The damage to the brand has already happened, the damage to the bottom line is ongoing.

You can bet that Sony is already putting money aside to deal with these lawsuits. It's only prudent.

 

[coopolon]

Hulu + is also already compensating people. I already got a $2 credit and if it goes for more then another week I expect they'll give out more. I was really impressed of that action on their part considering their service is not exclusive to the PS3 so people can still use it in other ways.

 

[Lord Error]

A major breach such as this one, the company needs to pay some of it too. They're responsible for things belonging to millions of other people, and are then letting it just get taken.

I agree, they should be paying something. I believe in previous similar cases, companies in question were held responsible in sense of paying for credit checks their users make, and paying money to their users whose identities were stolen for example. It should be minimum that here as well.

 

[larvi]

If there was no way for Sony to have a better security, they shouldn't be held fully responsible. If they did just one tiny mistake, they should be fully responsible for any harm that was done and harm that will be done in the future. Just because no one has been charged with anything until now doesn't mean that it's okay. Security of consumer's data should be the number one interest of a company. I know that usually isn't the case, but if continue to just accept it when companies don't take care of their customer's data, nothing will change ever.

I'm not saying someone at Sony should go to jail for this. I'm saying that if we find out that this could have been prevented if Sony had done something different/better and they just did not for whatever reason, there should be consequences.

One of the accounts the IT company I work for is in the health care industry. And there are federal laws (HIPAA/HITECH) that can impose civil penalties on companies that allow their customer's data to be breached due to any reason. The penalties increase depending on the amount of negligence involved. I suspect there may be similar laws in place for financial/personal data.

 

[VisanidethDM]

So the real criminals are not Sony, and the only real victim here is Sony, and the reason we're discussing Sony's responsibilities is because it's "more fun"... got it, thanks for clarifying that.

I'll try to clarify what I said above.

All the "wow" and "I'm at loss" comments seem to take my comments from a "morality" perspective. In short, answer the question "Who's fault is this?". I'm not. I don't care.

I'm being practical.

Who is damaged by this situation (which is what I base my definition of victim on)?

1. Users. No, not really. Credit card services are covered by insurances. The percentage of users who will be victim of CC scams will be minimal. The percentage of those will not be refunded will be absurdely low. You should easily notice because people is being warned by their *banks* about the scams. CC scams are almost impossible to get away with. You need to do isolated operations, in different locations and so on.
Sure, you may need to make a few phone calls, and possibly wait for a new card. But if you feel you're more damaged than...

2. Insurances. These guys will pay for all the virtual money scammers are going to spend. And they're not gonna be happy. And the banks they work with won't either. And they will all go after....

3. Sony. These guys will lose millions. Over redoing PSN, over restoring data, over contracts with insurances, over people sueing them, over investigations, and then there's the image damage.

Once again, be practical. We'll cry and scream over the net for a few days, we'll make some phone calls, but we will be fine. And 99.9999% of those 75 million people will come out of this without having lost a pence.

Will Sony be fine? I suspect they'll survive, but they'll take a huge hit, in their wallet, for real. And that makes them the "victim". Who isn't the guy who did or did not "had it coming" - it's the guy who gets hurt, no matter what.


As for the "outrageous" conspiracy theory that wow'ed people, I don't find it unrealistical at all. Whoever did this wanted to hit Sony, through its customers. You want to milk some CC? You steal 100, 1000 of them, from different databases, as silently as you can, and be careful about it. If you really expect anyone to make any serious money out of doing something so incredible that it made it on the headlines in a matter of hours, you're crazy. The entire internet transaction system is on Defcon 5 right now.
I'm trying to be rational here. Whoever was smart enough to take down PSN and get that kind of data is probably smart enough to know that trying to use that to an extent proportionate to the amount of data collected would be suicide. The most logical explanation is that someone wanted to hurt Sony, and Sony did plenty to piss off the hacking community lately.

 

[Combichristoffersen]

I heard someone tapping, as if someone gently rapping, rapping on my entrance door. I opened the door, Kevin Butler got on the floor, and then we both walked the dinosaur. Could this be related to the PSN hacking, GAF?

 

[Kagari]

=/ eek

I was hoping it still might be back sometime this week.

I guess the DCU time is something though. sigh.

They said a week from Tuesday, so anytime between now and then probably.

 

[Eel O'Brian]

Every time I look at this thread, I get scared and I have to check my bank account to see if I got any suspicious charges.

Better go and get my debit card changed.

Every time I look at this thread, I become more convinced that H. L. Mencken was some sort of prophet.

 

[Akkad]

lol, this seems relevant.

http://sports.yahoo.com/mlb/blog/bi...t=AnhPhqJ5fTgaQquUTjGSm4YRvLYF?urn=mlb-wp4657

 

[gl0w]

If a bank gets robbed, it's totally their fault for only having locks, guards and cameras, not laser-guided missile systems and pressure-sensitive floor plates with automatons and werewolves for extra backup precautions.

LOL nice one! Maybe Sony for now on will have a defensive system that automatically electrifies people trough the keyboard when they try to hack their system before they be able to successfully hack the network.

Then people will stop complaining about the measures already done by Sony to protect their network. (Oh well, maybe not)

 

[get2sammyb]

lol, this seems relevant.

http://sports.yahoo.com/mlb/blog/bi...t=AnhPhqJ5fTgaQquUTjGSm4YRvLYF?urn=mlb-wp4657

I blame Sony.

 

[Persona7]

It is kind of funny that I can play PS2 games without any problems whatsoever. If anything, SOCOM 3 is running smoother than it's ever been.

 

[jmdajr]

“Since everyone knows the PS3 is unhackable, why waste money adding pointless security between the client and the server? This arrogance undermines a basic security principle: never trust the client. Notice it's only PSN that gave away all your personal data, not Xbox Live when the 360 was hacked, not iTunes when the iPhone was jailbroken, and not Gmail when Android was rooted. Because other companies aren't crazy.”-geohot

Geohot: Blame Sony Execs, Not Engineers

hmmm

 

[Jinfash]

Has the Digital Foundry article been posted/discussed yet?

Again, has this been posted yet? http://www.eurogamer.net/articles/digitalfoundry-psn-security-scandal

It's a good read and I think it deserves a separate thread.

 

[btkadams]

maan i'm going away on saturday for a week in mexico. i was hoping to load my new psp go with all of my ps1 games/minis/psp games i've got from psn. this sucks.

 

[coopolon]

I'll try to clarify what I said above.
1. Users. No, not really. Credit card services are covered by insurances. The percentage of users who will be victim of CC scams will be minimal. The percentage of those will not be refunded will be absurdely low. You should easily notice because people is being warned by their *banks* about the scams. CC scams are almost impossible to get away with. You need to do isolated operations, in different locations and so on.
Sure, you may need to make a few phone calls, and possibly wait for a new card. But if you feel you're more damaged than...

You seem to be under the impression that our time is of no value.

 

[Salaadin]

Does the PSN even store phone numbers?

I dont think so although theres the possibility that his cell phone number is somewhere else out there and they obtained that by searching the names the obtained from the PSN leak or something but that seems like a stretch.

FWIW, I received 2 telemarketer phone calls last Wednesday and Thursday. I hung on them both times and they havent called me back since. Thats the only odd thing to happen to me and I honestly dont think its related to this.

 

[Clear]

I'm trying to be rational here. Whoever was smart enough to take down PSN and get that kind of data is probably smart enough to know that trying to use that to an extent proportionate to the amount of data collected would be suicide. The most logical explanation is that someone wanted to hurt Sony, and Sony did plenty to piss off the hacking community lately.

Absolutely agree. Well said.

I've got to add that the way this situation has really shown up how utterly paranoid our culture has become is really quite depressing.

 

[green sticker]

link

hmmm

Interesting point...

 

[sajj316]

I just got my email... I feel reassured and calm

I still didn't get mine .. I'm furious. How dare they not keep me informed via email!

 

[Zoe]

Again, has this been posted yet? http://www.eurogamer.net/articles/digitalfoundry-psn-security-scandal

It's a good read and I think it deserves a separate thread.

It doesn't mention anything that hasn't been discussed ad nauseum in this thread already.

 

[darkwing]

It doesn't mention anything that hasn't been discussed ad nauseum in this thread already.

but it has the hacker chat logs

 

[xbhaskarx]

lol, this seems relevant.

http://sports.yahoo.com/mlb/blog/bi...t=AnhPhqJ5fTgaQquUTjGSm4YRvLYF?urn=mlb-wp4657

haha, Yankees.

21k is 1 / 3,666 the amount of data

Yankees is doomed!

The Yankees will never recover from this. They will probably leave the baseball business altogether or be bought by the Florida Marlins in a few months.

 

[darkwing]

lol, this seems relevant.

http://sports.yahoo.com/mlb/blog/bi...t=AnhPhqJ5fTgaQquUTjGSm4YRvLYF?urn=mlb-wp4657

Yankees is doomed!

 

[jobber]

So will Sony even show up at E3 this year? I can't imagine the gaming community being all friendly to the execs during their keynotes.

 

[santi_yo]

New charge on my debit Card. €1,19


:/

 

[xbhaskarx]

If a bank gets robbed, it's totally their fault for only having locks, guards and cameras, not laser-guided missile systems and pressure-sensitive floor plates with automatons and werewolves for extra backup precautions.

“Since everyone knows the PS3 is unhackable, why waste money adding pointless security between the client and the server? This arrogance undermines a basic security principle: never trust the client. Notice it's only PSN that gave away all your personal data, not Xbox Live when the 360 was hacked, not iTunes when the iPhone was jailbroken, and not Gmail when Android was rooted. Because other companies aren't crazy.”-geohot

Geohot: Blame Sony Execs, Not Engineers

hmmm

So basically what he's saying is... those other companies have laser-guided missile systems, pressure-sensitive floor plates and werewolves??

 

[sajj316]

Geohot: Blame Sony Execs, Not Engineers

hmmm

As much as I don't like him personally. He makes a valid point. Do not trust the client.

 

[Kagari]

So will Sony even show up at E3 this year? I can't imagine the gaming community being all friendly to the execs during their keynotes.

Why wouldn't they?

 

[KenOD]

So basically what he's saying is... those other companies have laser-guided missile systems, pressure-sensitive floor plates and werewolves??

Ah yes, the Outer Heaven in Transylvania set-up. Still leaves them vulnerable to a game of Snake however.

 

[gcubed]

So basically what he's saying is... those other companies have laser-guided missile systems, pressure-sensitive floor plates and werewolves??

you know in 6 months one of the tech magazines will get an exclusive story from the hacker about how he did it. Thats when we will find out if Sony was just that lax, or if it was a determined hacker. Someone can get into anything if they want to.

I have a feeling it will be a little of both, Sony seemed semi ready to make this move or have been planning it for a bit, so they knew it wasn't the best security and were making the necessary changes to fix it, the hacker got in in time.

 

[Dedication Through Light]

So will Sony even show up at E3 this year? I can't imagine the gaming community being all friendly to the execs during their keynotes.

They announced tablets on the day this was revealed, the business must go on as usual. New announcements will help people forget like the major news media is already moved on from it.

 

[get2sammyb]

Again, has this been posted yet? http://www.eurogamer.net/articles/digitalfoundry-psn-security-scandal

It's a good read and I think it deserves a separate thread.

It's also an old read based on old information. This came out at the peak of paranoia, but the latest FAQ clarified a number of concerns.

 

[Evlar]

Why wouldn't they?

The gaming press will rake them over the coals. They'll be shamed.

.

..

...

BWAHAHAHA no sorry I can't keep a straight face

 

[LiK]

So will Sony even show up at E3 this year? I can't imagine the gaming community being all friendly to the execs during their keynotes.

Of course they will. But expect plenty of no comments because of the lawsuits.

 

[lupinko]

Geohot: Blame Sony Execs, Not Engineers

hmmm

You'd think he would keep quiet after he got sued. smh

 

[Jinfash]

but it has the hacker chat logs

And according to their "informed source intimate with the PlayStation 3" it checks out, even though the source look dodgy at best. First half of the article is the most interesting part, second page is a personal take that bitches about data mining.