Support NeoGAF

[BeeDog]

I think the card number will be the same, as I couldn't order a new card for some reason, just re-order the card I had cancelled (but I assume they'll change the CCV number and expiry date).

That's very strange. You're from Norway, right? I figured your banks worked the same way as Swedish ones. I just called my bank, mentioned the Sony leak and they knew what I was referring to. He said I should just throw away my card and wait for the new one (which should hopefully arrive today). Will check if I get a new number, but either way, as you say, you'll get a new CVV number and a new expiry date at the very least.

 

[jax (old)]

new credit card = new number. where did you get the idea that it will be the same.

 

[Captain Tuttle]

you mean the website that is down right now..?

Well he did say that the users were from there, not that he got the list from the there.

The Google description is telling, lots of mention of hacks, exploits etc

 

[lol51]

I'm pretty sure the card number won't be the same either. I had my card compromised once (fucking ShopTo) and got a new one. Fairly certain I got a new card number as well.

I cancelled a visa debit (US), got a new by mail in 3 days... New Number, New security code, new expire date.

 

[FeedMeAStrayCat]

I've definitely had them issue me a card with a different number. I believe the last four digits changed (maybe 8)?

 

[xapnder]

you mean the website that is down right now..?

Yes, but maybe it's just a coincidence

 

[Mithos]

I've definitely had them issue me a card with a different number. I believe the last four digits changed (maybe 8)?

12 digit change on my last card compared to the previous one, first four seems to have a visa/mastercard -> bank connection (guessing).

 

[Combichristoffersen]

That's very strange. You're from Norway, right? I figured your banks worked the same way as Swedish ones. I just called my bank, mentioned the Sony leak and they knew what I was referring to. He said I should just throw away my card and wait for the new one (which should hopefully arrive today). Will check if I get a new number, but either way, as you say, you'll get a new CVV number and a new expiry date at the very least.

Good, good. So with a new CCV number and new expiry date I should be in the clear?

And yeah, I'm from Norway. We still don't have any lions

new credit card = new number. where did you get the idea that it will be the same.

I tried ordering a new card via my online bank, but since I already had a Visa debit card (albeit cancelled) tied to my account, I couldn't order a new card, just re-order the card I had already cancelled. Makes no sense though.

Edit: When I called my bank to cancel my card, I asked them if they could issue a new card for me, but for some reason they couldn't do that, I had to re-order the card myself via their online bank.

 

[BeeDog]

Good, good. So with a new CCV number and new expiry date I should be in the clear?



I tried ordering a new card via my online bank, but since I already had a Visa debit card (albeit cancelled) tied to my account, I couldn't order a new card, just re-order the card I had already cancelled. Makes no sense though.

Yes. I mean, getting a new CVV number creates an additional 1000 variations of your current card number, and the new expiry date adds a good exponential amount of variations on top of it too. I'd think criminals would just try to find a complete working CC instead of trying your number for God knows how many times.

 

[Tony Rocky Horror]

As I understood it, he logged into the e-mail account, not PSN.

Ah, this makes sense. Sorry, I must've totally misread his posts.

 

[Metalmurphy]

Not a chance XD.

Is any of these emails in there?

*edit* nm

PSN password = letters and numbers and at least 8 characters

some passwords on that list = only letter, only numbers, 4,5,6 etc... characters

I tried 4 nick on that list (google). All are users from nextgenupdate. Maybe...

Oh... ffs, the amount of misinformation going around about this is insane...

 

[Hanmik]

Yes, but maybe it's just a coincidence

their twitter:

Upgrading to vB4. Please be patient. Thanks =D

Thanks for patience guys, the site will be back soon. I hope you like it - Outsider

16 hours agovia Twitter for iPhone

 

[Manp]

there's one thing i'm probably missing regarding credit card data? is only the last used credit card that's at risk or all the credit cards ever used on the store?

i've used more than one credit card to shop on psn and all of them are still active. were all saved in their db? only the last one?

 

[megateto]

The worst thing of all is that the list arouse in a Spanish site and it hasn't been taken down...

 

[BeeDog]

there's one thing i'm probably missing regarding credit card data? is only the last used credit card that's at risk or all the credit cards ever used on the store?

i've used more than one credit card to shop on psn and all of them are still active. were all saved in their db? only the last one?

If they weren't completely incompetent, I don't see any reason to store all credit/debit cards you've ever used, since it just creates additional table entries for data that is mostly invalid (e.g. people replacing expired CC details).

 

[Jocchan]

Did they ever clarify if the CCs you removed are still stored somewhere (like past purchase statements)?

 

[Dedication Through Light]

I just wish would be back up by Motorstorm Apocalypse date.

-oh thank goodness trophy stuff is safe, the time for platinums in rpgs i priceless

 

[seb]

For your information (french people, but this is a EU policy), here's what to do if you think there's a fraud on your bank account:

http://lexpansion.lexpress.fr/high-tech/piratage-du-playstation-network-etes-vous-bien-protege_254446.html

I found it informative. Basically, the bank must reimburse you immediately as long as you call them to contest the transaction and then send them a letter for confirmation. They will also change you card, free of charge.

 

[test_account]

I just wish would be back up by Motorstorm Apocalypse date.

-oh thank goodness trophy stuff is safe, the time for platinums in rpgs i priceless

All trophies are stored locally on the PS3 as well though So if all PSN trophy data would dissapear, you could alway resync it (unless the PS3 stopped working after PSN went down).

 

[Linkified]

I feel a lot calmer than I did 2-3 days ago, maybe Sony should have an everything is okay alarm where they keep their servers from now on:

http://www.youtube.com/watch?v=lTzByQTeyJQ

 

[Phife Dawg]

new credit card = new number. where did you get the idea that it will be the same.

Got a new card with the same number but different security code and expiry date once.

 

[Zoe]

new credit card = new number. where did you get the idea that it will be the same.

Not necessarily. When I had to get a new card a couple of months ago (at their insistence cause one merchant had trouble swiping it), everything on the card was the exact same right down to the CVV code.

You have to be sure you're asking for the right thing. Tell them exactly why you want a new card.

 

[meppi]

Not necessarily. When I had to get a new card a couple of months ago (at their insistence cause one merchant had trouble swiping it), everything on the card was the exact same right down to the CVV code.

Well if a card is simply renewed, you should get the same number with just a different date.

But if your card gets compromised and replaced, they will issue you a brand new one since the previous one is blocked.
Happened to me a year or two ago.

 

[Zoe]

Well if a card is simply renewed, you should get the same number with just a different date.

But if your card gets compromised and replaced, they will issue you a brand new one since the previous one is blocked.
Happened to me a year or two ago.

It wasn't a renewal though, it was a 1:1 replacement. That's why I added that you have to be sure to ask for the right thing.

 

[meppi]

Oh yeah, of course.
you have to let them know that you have reasons to believe your card is compromised, otherwise they just give you a replacement as if your card was faulty or damaged.

 

[Combichristoffersen]

Checked my online bank, and it seems they've issued me a new card with a new card number. All is well

 

[Stop It]

Oh yeah, of course.
you have to let them know that you have reasons to believe your card is compromised, otherwise they just give you a replacement as if your card was faulty or damaged.

Yeah, the only times your CC number will change is if the card is cancelled due to being lost/stolen/being in danger of the latter. When I lost my wallet on the way to work once (UK bank), I cancelled my cards and they all came back with similar, but different numbers.

Anyway, Just had a debate with someone on my Steam about this where the person I was talking to decided that this breach didn't matter because you "could find all of the data in the phone book anyway". I hope the guys in charge of security at SCE didn't have such a reckless attitude towards user data.

 

[Kagari]

PSN password = letters and numbers and at least 8 characters

some passwords on that list = only letter, only numbers, 4,5,6 etc... characters

I tried 4 nick on that list (google). All are users from nextgenupdate. Maybe...

Wrong. It used to be 6 minimum, or at least it was when I signed up in 2006.

 

[meppi]

I don't get all this overreacting anyway.

When my card was compromised due to a problem with the security firm that shopto was using at the time, my bank automatically blocked my card and sent me a letter stating that I would receive a new one within a week, free of charge.

So I believe that if the BCC (bank card company) would have any reasonable doubt as to the security state of my card, as well as millions of others, they would react in the exact same fashion as last time.

I do check my account every couple of days just to make sure, but I'm not the least bit worried at this point and certainly won't request a new card.
I've got a VISA card for over 13 years now and that was the only incident I've had so far.

 

[Oni Jazar]

You want to report your card stolen or compromised to get new numbers. If you just get a new card you may get the same numbers. Your CC company should have told you this.

Wrong. It used to be 6 minimum, or at least it was when I signed up in 2006.

I agree I'm pretty sure I didn't have an 8 character password for psn.

 

[cjtiger300]

Wrong. It used to be 6 minimum, or at least it was when I signed up in 2006.

It was 8, I'm positive of this, because I couldn't use the password I use for most things (which I don't use the same password on everything like I used to).

 

[Kagari]

Mine is less than 8, so they must have changed the requirements.

 

[Hanmik]

Mine is less than 8, so they must have changed the requirements.

mine is also less than eight.. seven .. and one of them has to be a number.. I remember my code, because I use them often on different Sony sites around the world..!

and the code is pretty new.. got a new one some time ago..

 

[Wario64]

Mine is less than 8, so they must have changed the requirements.

They did change it. Better think of a longer password when PSN goes up

 

[cjtiger300]

I don't get all this overreacting anyway.

When my card was compromised due to a problem with the security firm that shopto was using at the time, my bank automatically blocked my card and sent me a letter stating that I would receive a new one within a week, free of charge.

So I believe that if the BCC (bank card company) would have any reasonable doubt as to the security state of my card, as well as millions of others, they would react in the exact same fashion as last time.

I do check my account every couple of days just to make sure, but I'm not the least bit worried at this point and certainly won't request a new card.
I've got a VISA card for over 13 years now and that was the only incident I've had so far.

Yeah, my bank did the same thing over the TJX fiasco. I called them and they told me there was no reason to believe it had been compromised, however they were watching the situation closely. My bank has reissued cards between my wife and I 4 times as a precaution over intrusions like this, and they don't seem to be concerned at all about this one. That leads me to believe that the CC info for now is either safe (not hacked) or not used yet. I'm gonna go with the CC's not being compromised.

 

[user friendly]

It was 8, I'm positive of this, because I couldn't use the password I use for most things (which I don't use the same password on everything like I used to).

My old password was 7. I remember changing it because of an old buddy using the account during the KZ3 beta and went ahead and downloaded the beta on his machine and it blocked me out of the beta for 24 hours. When I changed it I remember getting the message that it had to be more than 8 characters.

 

[cjtiger300]

They did change it. Better think of a longer password when PSN goes up

I'm gonna make mine 20 characters with numbers, letters, and symbols, lol!

 

[Rebel Leader]

The bank is watching my mom's card closely because I went to a restaurant 2 days ago and it's not even pending. Usally it is by now, I believe.
EDIT: Apparently we didn't use the bank card for it.. We used the resturant's reward card

 

[cjtiger300]

My old password was 7. I remember changing it because of an old buddy using the account during the KZ3 beta and went ahead and downloaded the beta on his machine and it blocked me out of the beta for 24 hours. When I changed it I remember getting the message that it had to be more than 8 characters.

hmmm, I could be wrong. It's happened before and it will happen again.

 

[Rebel Leader]

Let's forget how long the password is, not gonna mater when PSN is up =3

 

[corporate cheerleader]

I can't even remember my 24 character password that consists of random letters and numbers, gotta get the secret note every single time. :l

 

[borghe]

I don't get all this overreacting anyway.

When my card was compromised due to a problem with the security firm that shopto was using at the time, my bank automatically blocked my card and sent me a letter stating that I would receive a new one within a week, free of charge.

So I believe that if the BCC (bank card company) would have any reasonable doubt as to the security state of my card, as well as millions of others, they would react in the exact same fashion as last time.

I do check my account every couple of days just to make sure, but I'm not the least bit worried at this point and certainly won't request a new card.
I've got a VISA card for over 13 years now and that was the only incident I've had so far.

Most people have only second hand exaggerated experience with credit card theft. And they don't hear our stories where a few hundred was charged and the stores refunded or the banks got the money back right away. Instead they hear my buddy's story where their debit account was cleared out and it took 45 days to get the money back. So people panic.

Same thing with the personal information. It doesn't matter that this information (and much more personal stuff usually) is already out on the net and easily accessible for most. Because it was "stolen" makes it ten times worse in their eyes.

But as many of us have been saying from the start, two months after services are fully restored I would bet that many/most who said they will never buy again, or will even only use points cards will be back to having a card stored on their and buying. and why shouldn't they? While breakins happen on the net every single day, breakins to a single company are often only once... heh... followed up by a massive investment in improved security infrastructure.

I can't even remember my 24 character password that consists of random letters and numbers, gotta get the secret note every single time. :l

I've tried this a few times.. pointless really. at this point I use either two or three words that make sense to me usually separated by numbers and/or symbols. of course this is only for the stuff I REALLY care about (i.e. home computer, work security logins, etc). For most sites (and even commerce sites) I'll just do something like "bhjcfil90wef89023hur23" and then let firefox remember it. if my saved passwords ever die then I just say "forgot password" and do the same thing again.

 

[Zoe]

Let's forget how long the password is, not gonna mater when PSN is up =3

Well the whole thing came up because of that supposed list of accounts and passwords... but apparently that was for another forum?

 

[Salaadin]

Well the whole thing came up because of that supposed list of accounts and passwords... but apparently that was for another forum?

I'm still trying to figure that out too. Was that list psn related or not? There are a lot of vague responses that make me unsure.

 

[Askia47]

Has anyone actually had their CC or Debit card compromised because of this intrusion? Or are people still being vague or careful, because it doesnt seem like much has happened yet.

 

[Rebel Leader]

Has anyone actually had their CC or Debit card compromised because of this intrustion? Or are people still being vague or careful, because it doesnt seem like much has happened yet.

People say they have but I haven't seen a pic of a credit/bank statement proving such a transaction.

 

[borghe]

Has anyone actually had their CC or Debit card compromised because of this intrustion? Or are people still being vague or careful, because it doesnt seem like much has happened yet.

being careful. there have been rumors and unsubstantiated claims that sony has warned the networks of potential fraud, but nothing factual. Sony's official statement is that the card database is encrypted and there is no evidence that leads them to believe that the card numbers were stolen.

edit - and yes, people have said that they've had fraudulent activity on their account, but there is no indication or reason to believe it was related to this other than coincidental timing. There has definitely not been a pattern or anything like there has been with other confirmed credit card thefts.

 

[megateto]

I'm still trying to figure that out too. Was that list psn related or not? There are a lot of vague responses that make me unsure.

I think I was the one who brought that up and truth to be told, I'm not really sure if the list is PSN related or not.

 

[cjtiger300]

Most people have only second hand exaggerated experience with credit card theft. And they don't hear our stories where a few hundred was charged and the stores refunded or the banks got the money back right away. Instead they hear my buddy's story where their debit account was cleared out and it took 45 days to get the money back. So people panic.

Same thing with the personal information. It doesn't matter that this information (and much more personal stuff usually) is already out on the net and easily accessible for most. Because it was "stolen" makes it ten times worse in their eyes.

But as many of us have been saying from the start, two months after services are fully restored I would bet that many/most who said they will never buy again, or will even only use points cards will be back to having a card stored on their and buying. and why shouldn't they? While breakins happen on the net every single day, breakins to a single company are often only once... heh... followed up by a massive investment in improved security infrastructure.


I've tried this a few times.. pointless really. at this point I use either two or three words that make sense to me usually separated by numbers and/or symbols. of course this is only for the stuff I REALLY care about (i.e. home computer, work security logins, etc). For most sites (and even commerce sites) I'll just do something like "bhjcfil90wef89023hur23" and then let firefox remember it. if my saved passwords ever die then I just say "forgot password" and do the same thing again.

Yeah, when my CC info was stolen and used in Sweden of all places my back refunded the money in less than 12 hours. The individual spent over $500 dollars on three different transactions when my bank called me due to the strange activity.

CC info theft is a thing that will happen if you use it often. My wife and I use it pretty much exclusively and don't carry cash. The good news is it is all covered and if your bank is decent at all can be taken care of and rectified pretty quick.

 

[OneMoreQuestion]

I think I was the one who brought that up and truth to be told, I'm not really sure if the list is PSN related or not.

Did you see any PSN IDs or just emails and passwords?