• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

PSN Hack Update: FAQs in OP, Read before posting

Status
Not open for further replies.
M

marrec

Banned
Zeal said:
cool, thanks. i haven't seen anything unusual.

and i'm most certainly not kissing sony's ass here, as this is a royal fuckup of biblical proportions (as my main man, Ray Stantz of the Ghostbusters would say) --BUT--, i think people are making a mountain out of a molehill here.

i don't expect these assholes to try something when they know everyone on earth is looking for them, watching, and waiting. if i were one of the people responsible for this, i'd be scared shitless right now. and all of these agencies working together WILL get them. it's only a matter of time.

i will be cautious, but i'm not doing anything drastic. i expect service will be up soon and this shit will fade into history.
Click to expand...

Don't underestimate the magnitude of this fuckup. This is no molehill, it is indeed a mountain. Depending on how savvy the criminals behind this are it could be a very bad.
 
G

gl0w

Member
Hex said:
I have received the email on a couple of email addys, but not on a couple more so it is hit/miss and I just figure that it will flow through sooner or later.
One of them did get smacked by Gmail's spam folder, that is why I figured it was worth a shot.
Click to expand...

I'm gonna wait then. Thank you sir!
 
Zoe

Zoe

Member
Hey, if anybody in Texas got hit by the Comptroller breach, they just announced one free year of credit monitoring. Kill two birds with one stone!
 
notworksafe

notworksafe

Member
marrec said:
Don't underestimate the magnitude of this fuckup. This is no molehill, it is indeed a mountain. Depending on how savvy the criminals behind this are it could be a very bad.
Click to expand...
Are they savvy enough to break AES? That'd take a hell of a super computer. Phone number and address are pretty easy to find on the internet.
 
F

FINALBOSS

Banned
marrec said:
Don't underestimate the magnitude of this fuckup. This is no molehill, it is indeed a mountain. Depending on how savvy the criminals behind this are it could be a very bad.
Click to expand...


I hate to be the one to break the news...but your information is already out there on the Internet for all to see.


And yup, I just checked...you're adopted.
 
B

brentech

Member
Reuters on the PS3 Hack

(Reuters) - The hacking of Sony Corp's PlayStation Network has earned a place in the annals of Internet crime.

That's partly because of the massive size of the data breach -- information about 77 million customer accounts was stolen. It is also because Sony bothered to disclose the attack at all.

The bulk of attacks on corporate and governmental computer networks go unreported because victims want to avoid the embarrassment and public scrutiny that come with acknowledging that their systems have been hacked.

Companies fear that their stock price might take a hit or that their brand might be damaged after news of an intrusion, said Jerry Dixon, a former government official who was instrumental in setting up the U.S. government's crime-fighting Computer Emergency Readiness Team.

"Everybody's network is getting hammered all the time," said Dixon, director of analysis at Team Cymru, a non-profit security research group.

Sony shut down the network on April 19 after discovering the breach, one of the biggest online data infiltrations ever. But it was not until Tuesday that the company said the system had been hacked and that users' data could have been stolen.

In the United States, several members of Congress seized on the breach, in which hackers stole names, addresses and possibly credit card details. One U.S. law firm filed a lawsuit in California on behalf of consumers.

Democratic Senator Richard Blumenthal of Connecticut called on the Justice Department to investigate the matter.

The FBI launched an inquiry and urged anybody with information about the attack to contact an agency hotline (+1 858-565-1255).

CODE OF SILENCE

Experts say that many companies only disclose break-ins when they are required to do so by government regulations that say they must tell customers whose data was compromised.

In many cases companies seek to keep the matter quiet by telling individual customers of the problem without issuing a public statement like the one from Sony this week. (bit.ly/kik7DC)

The publicity over the break-in has exposed Sony to global legal scrutiny, with officials from Hong Kong to London and Washington looking into the breach.

Sony's PlayStation Network, a service that produces an estimated $500 million in annual revenues, provides access to online games, movies and TV shows. Nine out of 10 of PlayStation's users are based in the United States or Europe.

Security experts say that companies that are attacked remain silent most of the time.

For example, 85 percent of some 200 companies in electricity-producing industries said that their networks had been hacked, according to a survey released this month by security software maker McAfee Inc and the non-profit Center for Strategic and International Studies. Yet utilities rarely disclose such attacks.

One in four of those companies in the McAfee/CSIS study reported that they had been victims of extortion campaigns from hackers who had broken into their networks. (tinyurl.com/3vgp5us)

In many cases, intrusions go undetected by the victim company, leaving the firm and its customers completely unaware that criminals have access to their sensitive data.

"Everybody's data is at risk. We've all got to worry about our personal information, wherever it may be," said Josh Shaul, chief technology officer for Application Security Inc.

SPEAR "PHISHING"

Sony said it had encrypted all credit card numbers, which would make it extremely difficult for hackers to access that data. But criminals might use other personal information that was not encrypted to launch scams.

With birthdates, email addresses and home addresses, hackers can launch spear "phishing" attacks that are targeted at those individuals.

Spear phishing refers to attacks that are customized to each individual target. Hackers draft emails that contain enough personal information to persuade the victim to let down their defenses, which can be enough to get them to click on a link that downloads malicious software onto their personal computer. (Additional reporting by Jeremy Pelofsky. Editing by Kenneth Li and Robert MacMillan)
Click to expand...

Nothing I haven't already stated in this thread. Just makes the point.
 
M

marrec

Banned
brentech said:
Reuters on the PS3 Hack



Nothing I haven't already stated in this thread. Just makes the point.
Click to expand...

Well this just tears it, I'm rage selling all my computers.... I wonder if that old dude will sell em for me.

Concerning the article however, companies are getting hammered and hacked 24/7 but that doesn't make it okay for criminals to have access to my information.
 
B

brentech

Member
No one said that makes it okay. Just tired of people acting like this is the only way someone could have ever possibly got their info. This is an every day battle. With or without Sony.
 
F

FINALBOSS

Banned
marrec said:
Well this just tears it, I'm rage selling all my computers.... I wonder if that old dude will sell em for me.

Concerning the article however, companies are getting hammered and hacked 24/7 but that doesn't make it okay for criminals to have access to my information.
Click to expand...


Because the article definitely says they should, right?
 
T

test_account

XP-39C²
If the hacker(s) get caught, do you think that we will get to know about it? Is it common that in these cases that there will be such an announcement if the hacker(s) get caught?
 
S

sajj316

Member
marrec said:
Well this just tears it, I'm rage selling all my computers.... I wonder if that old dude will sell em for me.

Concerning the article however, companies are getting hammered and hacked 24/7 but that doesn't make it okay for criminals to have access to my information.
Click to expand...

I don't think they are justifying anything with that comment. It was never ok to begin with. How many of the 170 companies will admit there was data compromised, outside of a stupid survey. As late as it was, we at least got an official statement and next steps for customers. Thank the Lord that the CC info was encrypted!
 
V

Vagabundo

Member
test_account said:
If the hacker(s) get caught, do you think that we will get to know about it? Is it common that in these cases that there will be such an announcement if the hacker(s) get caught?
Click to expand...

They usually are just disappeared...
 
P

Psychotext

Member
notworksafe said:
Phone number and address are pretty easy to find on the internet.
Click to expand...
Can't speak for the US, but I'm ex directory in the UK (which means you aren't finding my address or phone number on the internet, or in a phone book)... aside from that, last time I checked the phone book didn't include people's date of birth, email address and a security question / answer.
 
A

Akkad

Banned
test_account said:
If the hacker(s) get caught, do you think that we will get to know about it? Is it common that in these cases that there will be such an announcement if the hacker(s) get caught?
Click to expand...

I'm pretty sure they will make an example of him/them.
 
D

daycru

Member
gregor7777 said:
Kind sir, how many posts do I have to make in True PS3 Gamer Threads to be mad or worried about this?

I sold my PS3/PSP over a year ago, can't remember if I had my card on file, and just got the email.

Can I be worried? Can I post here without people jumping all over me if I detail the steps I'm taking to protect myself?
Click to expand...
You're not a "real fan" until you've created an 8,000 word official thread for your favorite Sony property. I was all over Jet Moto 2 hitting PSN.
 
T

test_account

XP-39C²
Vagabundo said:
They usually are just disappeared...
Click to expand...
Lol.


Akkad said:
I'm pretty sure they will make an example of him/them.
Click to expand...
I hope so at least. Not that it changes the actual cas that much (can't really "unhack" what's been done), but i'm still interested to know if the hacker(s) get caught.
 
S

sajj316

Member
test_account said:
If the hacker(s) get caught, do you think that we will get to know about it? Is it common that in these cases that there will be such an announcement if the hacker(s) get caught?
Click to expand...

I think we will. I can only speak for me but I want to see this rouge, scoundrel, purloiner in prison with a shampoo bottle .. ok, I won't go there.
 
I

itxaka

Defeatist
notworksafe said:
Are they savvy enough to break AES? That'd take a hell of a super computer. Phone number and address are pretty easy to find on the internet.
Click to expand...


There was a PoC of using amazon cloud servers to break WPA-PSK using bruteforcing. The guy made it test over 400k passwords per second to break any WPA-PSK password in around 6 minutes.

Of course after some legal problems he didn't release it, but the bruteforce is there for anyone to use. Cloud computing has an amazing power.

There is also a service that lets you (try) to crack a WPA/WPA2 handshake for 20$ in 20 minutes. They use a dictionary of...284 million words! Using the cloud as well, he uses a 400CPU cluster for it.

I mean, look at the servers they are offering at Amazon EC2:

22 GB of memory
33.5 EC2 Compute Units (2 x Intel Xeon X5570, quad-core “Nehalem” architecture)
2 x NVIDIA Tesla “Fermi” M2050 GPUs
1690 GB of instance storage
64-bit platform
I/O Performance: Very High (10 Gigabit Ethernet)
API name: cg1.4xlarge

This for 2.10$ an hour? Goddamit, I want 10 of those!

Damn, Im going offtopic. The thing is, while costly, I think it can be done. Maybe it has already been done and we don't know it yet. The blueprints are there but someone has to implement it.


P.S.: Can you imagine 10 of those EC2 instances doing distributed work...for just 20$ an hour. Awesome.
 
T

test_account

XP-39C²
Zoe said:
http://en.wikipedia.org/wiki/Albert_Gonzalez
Click to expand...
From the article:

Albert Gonzalez (born 1981) is a computer hacker and computer criminal who is accused of masterminding the combined credit card theft and subsequent reselling of more than 170 million card and ATM numbers from 2005 through 2007—the biggest such fraud in history.

Damn, that is a lot of creditcards! Hopefully we will get to know if the PSN hacker(s) get caught too :)


sajj316 said:
I think we will. I can only speak for me but I want to see this rouge, scoundrel, purloiner in prison with a shampoo bottle .. ok, I won't go there.
Click to expand...
Hehe. Yeah, i hope we will get to know about it. On the other hand, is it common that people who do major hacks like this never get caught?
 
D

Dedication Through Light

Member
brentech said:
Reuters on the PS3 Hack



Nothing I haven't already stated in this thread. Just makes the point.
Click to expand...

At that point, people should be glad SONY even reported it at all even if it was days after the fact. People over reacting have no clue if their infos been taken by other faucets of their life...actually one has no clue if someone has even intercepted their bills and got their information...I remember reading reactions that people were like "sony fails cause data breaches dont occur anymore,"I should send them this article.
 
Jinfash

Jinfash

needs 2 extra inches
brentech said:
Reuters on the PS3 Hack



Nothing I haven't already stated in this thread. Just makes the point.
Click to expand...
That is the type of common sense that shouldn't surprise anyone at this point.

In this time and age, everyone should be aware of the risks service and network providers face on a regular basis, however, this type of article won't calm the media shitstorm because the question that is being asked by almost every user and news outlet is: Did Sony take the necessary measurements and precautions to prevent an attack of this scale? with all the information we have gathered since the PS3 was jailbroken through the failoverf0w fiasco, and some of the security measurements that were tested by hackers and experts alike, the popular answer seems to be pointing to "No", adding weight to the idea that this episode was part of the natural progression of a much older (major) issue.

Either way, only time will tell, as I feel that Sony is not done answering questions regarding this breach.
 
S

Steve Youngblood

Member
Dedication Through Light said:
At that point, people should be glad SONY even reported it at all even if it was days after the fact.
Click to expand...
The network had been down for almost a week with only vague reports that it had been hacked. What were they going to say?
 
M

Metalmurphy

Member
Dipindots said:
I wonder what the punishment would be for the hacker(s) if they get caught...

Any law folk have any insight?
Click to expand...

Everyone of those 77 million account owners should be able to punch him in the face.


I'd punch him 7 times for my 7 accounts.
 
M

Mr. Enigma

Member
Dipindots said:
I wonder what the punishment would be for the hacker(s) if they get caught...

Any law folk have any insight?
Click to expand...

Punishments for similar crimes like this usually get at least 20 years in prison.
 
Zoe

Zoe

Member
Dipindots said:
I wonder what the punishment would be for the hacker(s) if they get caught...

Any law folk have any insight?
Click to expand...

Albert Gonzalez was sentenced to 20 years for the TJX case alone. That breach was much worse than this one though.
 
Z

Zane

Member
Has this been posted? http://psx-scene.com/forums/f6/psn-database-containing-2-2million-credit-cards-now-up-sale-85702/

Rumors are following thru various underground "credit card" trading forums, and on the new #psnhack twitter list that a large section of the PSN database containing complete personal details along with over 2.2million working credit card numbers with the much-needed CVV2 code are being offer up for sale to the highest-bidder, after the "hackers" tried to sell the DB back to Sony for a price, but they of course didn't answer!
Click to expand...
 
R

Rebel Leader

THE POWER OF BUTTERSCOTCH BOTTOMS
Professor Beef said:
Looks like I know my new profession.

Beware, internet! ProBee is here for your money!
Click to expand...


But I was about to have a BBQ. :(

Also, you can have my money. Here, take it.
emptywallet1.jpg
 
Status
Not open for further replies.

Similar threads

PSN Down, Sony Acknowledges Outage (Update: All Services Are Up and Running)
2 3
144
11K
awwr999999 replied
Helldivers 2 will soon require all Steam players to sign in with a PlayStation Network account
7 8 9 10 11
538
28K
ArtHands replied
Sony CFO: "We don't have enough original IP", will also look to drive growth via crunchyroll
9
1K
Killjoy-NL replied
Satya Nadella: Annual letter to stockholders. Content on new platforms will continue
4 5 6 7 8
352
19K
noob smokes replied
Ubisoft is being sued for allegedly sharing Ubisoft Store and Ubisoft+ user data with Meta
News 2
54
3K
Shin-Ra replied
Top Bottom