Support NeoGAF

[Eric C]

The fact that Sony lied in previous blog postings about not knowing the cause of the outage, doesn't make me feel confident that Sony is telling the complete truth in today's press release.

I'm not going to boycott Sony or anything. I want to buy Threads of Fate as soon as PSN is back up.

I don't have a PS3, but I'm still going to use PSN/MediaGo to buy my game for my PSPGO (what other option do I have) I'm just really glad I've always used PSN cards and gave Sony a false street address so none of my info is compromised. I'll just continue using PSN cards and buying game specific codes from Amazon.

Okay, I am FUCKING outraged at this. I'm not angry that Sony's security failed. That shit happens, although if you're not fucking incompetent it happens less. That's another issue which I generally don't get worked up about. What I am outraged about is the handling of this entire situation.

SONY KNEW AND THEY SAID NOTHING.

In one of the previous threads which is now locked, a jr member helpfully provided a tip off that his friend at SCEA suggested that personal information including usernames/emails/addresses/passwords/etc were DEFINITELY taken, and that CC data was PROBABLY NOT taken but that they did not know. This was DAYS ago. THEY FUCKING KNEW.

The assumption on our part, an assumption of GOODWILL, was that if Sony said nothing at all, it meant that nothing was compromised since they were required by law to tell people if it is compromised. Guess what? THEY JUST DIDN'T GIVE A FUCK. In 5-6 days, who knows what could have happened? That's a huge gap. Totally and utterly irresponsible.

Oh and guess what? The statement and the email is only coming from SCEA right now! I have received NO EMAILS for my other accounts, including my primary account. How is this acceptable? This slow and utterly inefficient communication to the consumer regarding high risk information of the more severe nature is unacceptable.

I no longer have any faith whatsoever in PSN, and I will have to carefully consider if I ever want to use this service again.

I'm not sure if this is the post, he's not a junior member.
arnoldocastillo2003
Member
(04-24-2011, 01:36 AM)
http://www.neogaf.com/forum/showpost.php?p=27356633&postcount=2335

* Personal information: Name, Last Name, Address, Email, zip code, country.
* Passwords of the users of PSN: he didn´t confirm this even though i ask him a lot.
* Credit Cards Numbers: He confirm that the numbers were not compromised because the numbers are stored/protected/encrypted in a different way that the personal data (that is what he told me, he and I don´t know shit about computer programming so sorry for not giving specified details here).
* Users Log History was retrieve (don´t know what that is).


That is all he gave me, well summarized at least.

This is clearly CYA time for Sony. Today's message was essentially drawn up by their legal department.

Furthermore, people need to stop taking anything Sony says at face value. For the first 48 hours of this disruption they didn't even acknowledge that they'd taken the network down themselves.

The Sony story changes every day based on what they're legally obligated to share.

Just for kicks, I'm bored. I was also inspired by Duckroll

April 20th "We’re aware certain functions (um what?) of PlayStation Network are down. We will report back here as soon as we can with more information.

Thank you for your patience."

April 21st "While we are investigating the cause of the Network outage (the "off" switch had already been flipped on PSN), we wanted to alert you that it may be a full day or two (false) before we’re able to get the service completely back up and running. Thank you very much for your patience while we work to resolve this matter. Please stay tuned to this space for more details, and we’ll update you again as soon as we can."

April 22nd "An external intrusion on our system has affected our PlayStation Network and Qriocity services. In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services on the evening of Wednesday, April 20th (but couldn't post about it on the 20th or the 21st). Providing quality entertainment services to our customers and partners is our utmost priority. We are doing all we can to resolve this situation quickly, and we once again thank you for your patience. We will continue to update you promptly as we have additional information to share. "

 

[HomerSimpson-Man]

Ah yes, blackmail porn. Of course! It all makes sense now!

 

[SickBoy]

As I said previously, this is no BP situation and BP is doing just fine.

BP was a million times worse, but this is apples and oranges. Consumers have a much greater ability to choose not to buy Sony products than they do not to purchase fossil fuels sourced from BP.

EDIT:

It's worse than BP if people start getting fraudulent charges on their cards. If anything trumps destroying the environment, it's fucking with peoples money.

Yeah, because those people that died were no big deal, nor were big chunks of tar washing up on beaches.

 

[mugurumakensei]

How can you blackmail people because they watch porn? This is getting silly.

Can't let everyone know how much you're into sonic and amy.

 

[Jinfash]

Oh nice.

Hey, you mind telling me the email you use for PSN? I just want to email you some stuff

ssj4lyfe@aol.com

 

[brentech]

Going to say it's always good to be vigilant and check your accounts, but if you don't already do that on a normal basis without any known direct threat...you're kind of behind on the times.

While it's a large case, this all is still blown out of proportion. There are so many companies that have been hacked or had employees steal CC data from their data centers that it's not funny.

Every company worth it's salt has an outside company audit their security systems on an nearly annual basis. Sad that it took a breach for Sony to do this, but it is what it is. Fact is, it's standard to have an outside source do investigating along with your own teams.

If what they found is true, much of this info that was taken is already available on sites such as spokeo.com and other people info collection sites. They take available government info along with public social site info and mix it with services like google maps if you want to really be creeped out.

And my knowledge of security auditing comes from working in IT at a few different banks. It's totally normal, and sometimes it's the auditors that loose the data, such as in bank of Americas case.
They almost always find out which customers are directly effected and give them more direct advice and before mass contacting everyone with basic self security principles.

This is from my experience, and while it could have been more timely, I can at least understand the process Sony went through.

 

[FINALBOSS]

BP was a million times worse, but this is apples and oranges. Consumers have a much greater ability to choose not to buy Sony products than they do not to purchase fossil fuels sourced from BP.

Uh...not really.

If people wanna play games, especially games that only Sony has, they are going to buy them regardless of this situation.

There's a thousand different gas companies that ALL make the same exact stuff.

 

[Neuromancer]

Can't let everyone know how much you're into sonic and amy.

Pfft that would be the least of my worries

 

[Trent Strong]

Oh, its not unheard of. They threaten to contact your wife or your workplace. Very old trick.

A whole other aspect, is the privacy issue. Loads of people have unlisted/hidden private home-address, for varying reasons. I could see some heavy lawsuits coming along, if this information leaked.

Why would my workplace give two....what?

 

[btkadams]

my anger at sony has definitely subsided a bit. i changed my passwords everywhere and am monitoring my cc so i don't think i should be having any problems.

i'm very perplexed by all the people vowing to never buy anything off of psn again. the service was fantastic (when it was up lol) and had great content. i'd imagine that after this they're going to have extremely tight security too so it is also fair to have more faith in that aspect. sony definitely fucked up but i don't really give a shit about their problems as long as i don't have any problems.

 

[Killthee]

SOE's statement regarding PSN DCUO/Free Realms subs:

We apologize for any inconvenience players may have experienced as a result of the recent service interruption. As a global leader in online gaming, SOE is committed to delivering stable and entertaining games for players of all ages.

To thank players for their patience, we will be hosting special events this weekend across our game portfolio, including a Double Station Cash day on Saturday, April 30th.

We are also working on a “make good” plan for players of the PS3 versions of DC Universe Online and Free Realms. Details will be available soon on the individual game websites and forums.

 

[SickBoy]

Uh...not really.

If people wanna play games, especially games that only Sony has, they are going to buy them regardless of this situation.

There's a thousand different gas companies that ALL make the same exact stuff.

...but BP doesn't need to even exist in the downstream space to make money (i.e: they never have to have a BP gas station consumers don't want to go to).

 

[Dreamgazer]

ssj4lyfe@aol.com

I can't tell if you get the joke or not.

 

[Talon]

As someone that works in PR for a large firm, whoever the VP-Comm. for Sony is going to have his/her head on a platter in a week's time.

 

[hamchan]

I'm much more angry at the hackers than Sony

 

[Hex]

BP was a million times worse, but this is apples and oranges. Consumers have a much greater ability to choose not to buy Sony products than they do not to purchase fossil fuels sourced from BP.

All of the BP gas stations around me are doing just fine, there are gas stations on every corner from many different brands and providers.
People still go there, people never stopped.
That was more what I was talking about.

 

[Aselith]

BP was a million times worse, but this is apples and oranges. Consumers have a much greater ability to choose not to buy Sony products than they do not to purchase fossil fuels sourced from BP.

EDIT:

Yeah, because those people that died were no big deal, nor were big chunks of tar washing up on beaches.

Err, why did you make my same point and then act like I'm an asshole for pointing it out? I never said it was no big deal. I meant worse for the company. Are you high or something?

 

[WrenchNinja]

So if I had used a credit card before and deleted the information right after a purchase, my information would still be in the db and still could be compromised?

How long does it take to change numbers and get a new card?

 

[jackdoe]

As someone that works in PR for a large firm, whoever the VP-Comm. for Sony is going to have his/her head on a platter in a week's time.

Offer free credit monitoring services to all PSN members. That is one way for Sony to get out of this PR mess. Not gonna happen though.

 

[Apath]

Uh...not really.

If people wanna play games, especially games that only Sony has, they are going to buy them regardless of this situation.

There's a thousand different gas companies that ALL make the same exact stuff.

That's a big assumption to make. If people believe Sony to be incompetent and PSN unsecured, as true or untrue as that may be, it will have an effect on people purchasing the PS3. How much of an effect? Probably not much at all, but it remains to be seen.

 

[SapientWolf]

gaf analogy complier needed

This situation is like someone installed cameras at the seedy sex club and took pictures of everyone at the glory holes. So Sony closed the holes. But they didn't tell the patrons in time so they were robbed of their glory.

 

[Loudninja]

Posted yesterday by alr1ghtstart

We've decided to extend the beta. Once PSN is back up we'll determine by how long, but rest assured: your outcry has been heard.

http://twitter.com/#!/SuckerPunchProd/status/62582302164787201

So InFamous beta players have nothing to worry about.

 

[Absoludacrous]

Oh really?

Go read the new thread made asking people what they are going to do when PSN comes back up.

The consensus is--go about your business as usual.

We must be reading different threads, cause there's an equal amount of people saying they're switching to PSN cards. Myself included.

While putting your PS3 (or all 6 of them) on ebay is incredibly short-sighted, waving the entire thing off with your hand and pretending nothing happened is equally bad.

 

[GillianSeed79]

Why does gaf fail so hard at analogies?

Yo, dis hack is like if a car company sold you a car, and you sold it to someone else broken so not only does the manufacturer get no profit, but you also lied to your customer.

You are having sex with your girlfriend of more than a few years and wearing a condom. At the 35 minute mark you are becoming tired and bored. Suddenly, you experience an amazing sensation and it's over in a few minutes. You pull out. To your horror there is no longer a condom, but a torn piece of latex around your scrotum. Your girlfriend asks you what's wrong. You say nothing and run to the bathroom. You look in the mirror and realize there has been a breach. For the next six days you consult with third party guy friends. You avoid intimate contact with your girlfriend. On the sixth day you awake to hear your girlfriend vomitting in the toilet. Deep down you fret this morning sickness may have been the result of the breach, but you tell yourself and your friends as you weep on your pillow clutching the bank statement showing that your life savings amounts to $23 that it was probably just the day old egg salad sandwhich she ate last night. There, I crown myself king of bad analogies.

 

[brentech]

Offer free credit monitoring services to all PSN members. That is one way for Sony to get out of this PR mess. Not gonna happen though.

Umm, the 3 major credit bureaus already offer it for free. You just have to call and let them know that your personal info has been compromised. I believe the article on CNN about his attack has all that info available in it.

 

[Commanche Raisin Toast]

April 20th "We’re aware certain functions (um what?) of PlayStation Network are down. We will report back here as soon as we can with more information.

Thank you for your patience."

this is them noticing an intrusion because PSN wasn't working as it was supposed to. a lot of people complained about trophies not syncing etc. sony at this point could suspect hacking but wanted to make sure first.

April 21st "While we are investigating the cause of the Network outage (the "off" switch had already been flipped on PSN), we wanted to alert you that it may be a full day or two (false) before we’re able to get the service completely back up and running. Thank you very much for your patience while we work to resolve this matter. Please stay tuned to this space for more details, and we’ll update you again as soon as we can."

they didn't say here that they DIDN'T take down those services themselves. they just said that they are investigating. and REALLY? you're going to take them saying it MAY be a day or two as them giving a hard absolute sworn-on-the-bible time frame for it being fixed? wow.

April 22nd "An external intrusion on our system has affected our PlayStation Network and Qriocity services. In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services on the evening of Wednesday, April 20th (but couldn't post about it on the 20th or the 21st). Providing quality entertainment services to our customers and partners is our utmost priority. We are doing all we can to resolve this situation quickly, and we once again thank you for your patience. We will continue to update you promptly as we have additional information to share. "

now they discovered that it was indeed some serious shit and would take longer than a few days to fix. better let everyone know that it's possible hacking and that it may take longer. and also, the turning off of the PSN/Q was necessary for them to investigate.

i don't A.) recall them saying the hackers took down the PSN, and B.) don't see where they said "PSN is down and it's not us" on the 21st. desperate attempts at forcing some prior knowledge conspiracy on sony.

 

[Seraphinianus]

If there is no game sharing, then how are you going to reenable your content on a new PS3 if your old ps3 kicked the bucket/you sold it/etc.?

The concept is perfectly fine, it's just that it's abused for the wrong reasons, then those who abuse it complain when they use up all the share slots.

Same as the Final Fight DRM-- don't let 2 accounts play at once.

 

[SickBoy]

Err, why did you make my same point and then act like I'm an asshole for pointing it out? I never said it was no big deal. I meant worse for the company. Are you high or something?

The point I was making was actually different (that BP's oil is oil like any other and does not need to marketed to the end consumer), but clearly I misread what you were saying (i.e: that it was worse in the eyes of affected customers), so sorry about that.

 

[jackdoe]

Umm, the 3 major credit bureaus already offer it for free. You just have to call and left them know that your personal info has been compromised. I believe the article on CNN about his attack has all that info available in it.

That's different. You're talking about placing a "Fraud Alert". I'm talking about an actual monitoring service.

 

[Knux-Future]

You are having sex with your girlfriend of more than a few years and wearing a condom. At the 35 minute mark you are becoming tired and bored. Suddenly, you experience an amazing sensation and it's over in a few minutes. You pull out. To your horror there is no longer a condom, but a torn piece of latex around your scrotum. Your girlfriend asks you what's wrong. You say nothing and run to the bathroom. You look in the mirror and realize there has been a breach. For the next six days you consult with third party guy friends. You avoid intimate contact with your girlfriend. On the sixth day you awake to hear your girlfriend vomitting in the toilet. Deep down you fret this morning sickness may have been the result of the breach, but you tell yourself and your friends as you weep on your pillow clutching the bank statement showing that your life savings amounts to $23 that it was probably just the day old egg salad sandwhich she ate last night. There, I crown myself king of bad analogies.

 

[BobTheFork]

Sony wasn't going to tell everyone what was taken until they knew every single last thing that was compromised. They sure as hell weren't going to make 5 statements or send 5 e-mails
*email* oh username might be takes
*email* and address
*email* oh and possible password info

They pulled the plug and had to shift through the shit and you actually do have to make sure you figure it out before you say something.

 

[I NEED SCISSORS]

This situation is like someone installed cameras at the seedy sex club and took pictures of everyone at the glory holes. So Sony closed the holes. But they didn't tell the patrons in time so they were robbed of their glory.

It's more like a guy fucking his girlfriend while using an oversized condom, then letting it slip off during sex so that he can say "it's because you're just too tight", only to not tell her that they actually still nutted and maybe could have gotten her pregnant.

wtf.... beaten?

 

[Neuromancer]

You are having sex with your girlfriend of more than a few years and wearing a condom. At the 35 minute mark you are becoming tired and bored. Suddenly, you experience an amazing sensation and it's over in a few minutes. You pull out. To your horror there is no longer a condom, but a torn piece of latex around your scrotum. Your girlfriend asks you what's wrong. You say nothing and run to the bathroom. You look in the mirror and realize there has been a breach. For the next six days you consult with third party guy friends. You avoid intimate contact with your girlfriend. On the sixth day you awake to hear your girlfriend vomitting in the toilet. Deep down you fret this morning sickness may have been the result of the breach, but you tell yourself and your friends as you weep on your pillow clutching the bank statement showing that your life savings amounts to $23 that it was probably just the day old egg salad sandwhich she ate last night. There, I crown myself king of bad analogies.

Amazing :lol

 

[Dead Man]

As someone that works in PR for a large firm, whoever the VP-Comm. for Sony is going to have his/her head on a platter in a week's time.

http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/
Posted by Patrick Seybold // Sr. Director, Corporate Communications & Social Media

 

[_Xenon_]

Good thing is I never used any kind of PSN service except playing Demon Souls online. Bought almost all my multi-play heavy games on XBOX. When it comes to the online service Microsoft is still the king.

 

[RadioHeadAche]

I wish I had used a fake address or just used those pre-pay cards. Of course, that's not going to help anything now.

This whole thing sucks.

 

[Trevelyon]

Sony wasn't going to tell everyone what was taken until they knew every single last thing that was compromised. They sure as hell weren't going to make 5 statements or send 5 e-mails
*email* oh username might be takes
*email* and address
*email* oh and possible password info

They pulled the plug and had to shift through the shit and you actually do have to make sure you figure it out before you say something.

I could only imagine if they kept revising the damage report up day by day as they continued discovering how bad the situation actually was.

Either way they would've been crucified. Absolute no win situation if I ever saw one.

 

[MalboroRed]

You are having sex with your girlfriend of more than a few years and wearing a condom. At the 35 minute mark you are becoming tired and bored. Suddenly, you experience an amazing sensation and it's over in a few minutes. You pull out. To your horror there is no longer a condom, but a torn piece of latex around your scrotum. Your girlfriend asks you what's wrong. You say nothing and run to the bathroom. You look in the mirror and realize there has been a breach. For the next six days you consult with third party guy friends. You avoid intimate contact with your girlfriend. On the sixth day you awake to hear your girlfriend vomitting in the toilet. Deep down you fret this morning sickness may have been the result of the breach, but you tell yourself and your friends as you weep on your pillow clutching the bank statement showing that your life savings amounts to $23 that it was probably just the day old egg salad sandwhich she ate last night. There, I crown myself king of bad analogies.

Congratulations.

 

[Barrow Roll]

I haven't been really following this since I don't play anything on PSN but... what the fucking shit. Ugh, time to change passwords again.

 

[Wizeguy21]

hackers chat logs??? how can this be? FAke?

http://lo-ping.org/2011/04/26/psn-hackers-chat-logs/

 

[Psy-Phi]

So if I had used a credit card before and deleted the information right after a purchase, my information would still be in the db and still could be compromised?

How long does it take to change numbers and get a new card?

Call your CC company/bank and ask them. It could be anywhere between 2 & 14 days. Your card may be deactivated through the act of requesting a new one, and you don't want to be caught with no money if you need some for a small emergency. So you might want to withdraw some cash from the bank if you normally use the debit at stores.

 

[Zoe]

Umm, the 3 major credit bureaus already offer it for free. You just have to call and let them know that your personal info has been compromised. I believe the article on CNN about his attack has all that info available in it.

That's different. A credit monitoring service will track any changes to your credit report such as new accounts or hard pulls.

 

[Vamphuntr]

hackers chat logs??? how can this be? FAke?

http://lo-ping.org/2011/04/26/psn-hackers-chat-logs/

It better be for Sony

<user2> for example:
<user2> creditCard.paymentMethodId=VISA&creditCard.holderName=Max&creditCard.cardNumber=4558254723658741&creditCard.expireYear=2012&creditCard.expireMonth=2&creditCard.securityCode=214&creditCard.address.address1=example street%2024%20&creditCard.address.city=city1%20&creditCard.address.province=abc%20&creditCard.address.postalCode=12345%20
<user2> sent as plaintext
<user3> uh
<user3> did you censor that card?
<user2> ya its fake
<user3> good
<user1> wow, plaintext :S
<user5> plaintext wow

 

[kswiston]

When it comes to the online service Microsoft is still the king.

Maybe on consoles where their competition is inept. Try Games for Windows Live and make that statement.

 

[Dead Man]

I could only imagine if they kept revising the damage report up day by day as they continued discovering how bad the situation actually was.

Either way they would've been crucified. Absolute no win situation if I ever saw one.

You keep saying they would have been crucified if they gave too much information too early. Has any company ever really suffered a backlash for telling people what happened, rather than the actual event itself? I can't think of one.

 

[lupinko]

Pack it boys, this is the end of PlayStation!

 

[Jinfash]

I can't tell if you get the joke or not.

I can't tell if you seriously think that's my email or not.

 

[Zoe]

It better be for Sony

You forgot the part a couple of lines above that:

<user2> aswell you should never ever install a CFW from someone unknown
<user2> cuz its way too easy todo scamming at this point

Only an issue with CFW.

 

[RadioHeadAche]

Should I be worried about entering passwords on sites using the PS3's web-browser?

 

[Dead Man]

It better be for Sony

IF (and that is a very big if) this is true, that would be pretty atrocious shit by Sony.