Support NeoGAF

[Trevelyon]

Ok, someone have taken another 30cent from my account. Going to contact the bank when they open and see if they can check who it is.

Kill it with fire as soon as you can. Just make sure it isn't some administration fee of the bank first.

 

[sublime085]

my email was definitely compromised and I had to change the password.

I'm not 100% sure if it's related to this but after years of using it with no problems the timing seems pretty revealing.

 

[perfectchaos007]

Another thing is that most people use 1 password for everything. So if the hackers try to get into anything else personal of yours, the first thing they will try to use is your PSN password.

My point is, if your PSN password is also your password for other important things like bank information etc. you may want to change it to be on the super safe side.

 

[IchigoSharingan]

I am glad the news is every where as it should be but they are not screwed, it's gonna be interesting to see what will come out of it.

Well they're screwed for the next few days at least. I mean...look at these headlines!

Sony: Credit data risked in PlayStation outage

 

[statham]

Ok, someone have taken another 30cent from my account. Going to contact the bank when they open and see if they can check who it is.

your probaby joking, but they will take out small amounts to see if a account is legit for bigger withdrawals
edit: cancel your card now.

 

[MrSerrels]

He the Scottish dude?

Anyway my point just had to do with the fact that Gawker/Kotaku went through a similar situation with their site being hacked last year.

Scottish dude - checking in.

Kotaku Australia was not compromised by the hacks, since we're not part of Gawker, we just use some of the US content. Completely different thing.

 

[darkwing]

So, when they say 'within a week,' they mean another week from this announcement?

This sucks

i think they mean this week? who knows though, the longer it is down the more bad it is for them though

 

[Quasar]

actually the smh.com.au article i linked to has that bit about "identity theft" with the information that they secured and that's the bit that worries me more than some credit card. There was some dude here who has the same name and racked up a massive mobile bill ($5600+ and $6000++) and Telstra came after me - well the debt collectors did anyhow.

All I had to do was write a letter to tell them I've never lived at that address and it went away.

Identity theft >>>> some measly easy to fight credit card fraud.

Well I imagine pretty all all the basic info was available before any PSN leak. And I'm someone who doesn't even have a facebook account or use my real name in many places.

 

[poserdonut]

When they say that the passwords leaked, I guess they leaked encrypted? It's not like they are storing this stuff in clear text?

 

[Vinci]

how often am I to check my bank account and for how long?

Just check it daily for the next several weeks, and let your bank know what's going on. I mean, it's not like we can tell you if people got your info or what/when they'd do with it. Just use your best judgment.

 

[White Man]

Thread's probably moving too fast to get (and read) a timely reply but. . .

Did the hacked gawker data get used? I didn't think I was a member of any gawker affiliated site, but my websitez account did get hit about 2 or so months ago. Truth be told, I still don't think I'm a member of any gawker sites but there are like 77 million in that fucking network.

 

[IonicSnake]

your probaby joking, but they will take out small amounts to see if a account is legit for bigger withdrawals
edit: cancel your card now.

I am not joking, the exact same amout have been reserved twice now, at first I thought it might just be a fee for something but it have happend twice now.

 

[statham]

Just check it daily for the next several weeks, and let your bank know what's going on. I mean, it's not like we can tell you if people got your info or what/when they'd do with it. Just use your best judgment.

what if they sit on this for 2 years?

 

[Chris R]

how often am I to check my bank account and for how long?

I'm going to check twice daily until we now for sure if CC details were leaked. If so the card gets canceled. If not then I don't bother checking any more than regular.

 

[darkwing]

When they say that the passwords leaked, I guess they leaked encrypted? It's not like they are storing this stuff in clear text?

yup, i mean who stores password in clear text, but then again they made that random constant number generator


seriously though , its encrypted else all hell would have broken lose lol

 

[mysteriousmage09]

my email was definitely compromised and I had to change the password.

I'm not 100% sure if it's related to this but after years of using it with no problems the timing seems pretty revealing.

It's from having the same password on the PSN account and the e-mail address. When PSN goes back up and you need to change that password, don't use the same one as your new e-mail password.

 

[Vinci]

what if they sit on this for 2 years?

Sony comes out and says, "Yes, they got some CCs," you might want to change the account at that point. Till then, just pay attention and keep your bank and CC companies informed.

 

[Quasar]

Thread's probably moving too fast to get (and read) a timely reply but. . .

Did the hacked gawker data get used? I didn't think I was a member of any gawker affiliated site, but my websitez account did get hit about 2 or so months ago. Truth be told, I still don't think I'm a member of any gawker sites but there are like 77 million in that fucking network.

Not that I recall. I know the email providers moved fast reseting passwords for everyone on the list. At least that happened for me. That actually was what caused me to move to complex passwords and using lastpass. Which works great for most things.

 

[The Shadow]

your probaby joking, but they will take out small amounts to see if a account is legit for bigger withdrawals
edit: cancel your card now.

Legit sites like Paypal will do this too.



Lord. The panic in this thread is hilarious, although if you do dumb shit like use a single password for EVERYTHING you do online, I guess it's warranted.

Protip for pending hack attempts on other online services (because it WILL happen again): Don't use the same fucking password for everything.

what if they sit on this for 2 years?

Then request a new a new CC # if you're that worried. It's really not a laborious process to do this.

 

[Vagabundo]

what if they sit on this for 2 years?

I would if I had all those credit card.

You can bet that after a few months most people won't notice.

 

[Jinfash]

Thread's probably moving too fast to get (and read) a timely reply but. . .

Did the hacked gawker data get used? I didn't think I was a member of any gawker affiliated site, but my websitez account did get hit about 2 or so months ago. Truth be told, I still don't think I'm a member of any gawker sites but there are like 77 million in that fucking network.

I believe it was. A series of reports regarding hacked Twitter accounts, FB accounts, and unsurprisingly email accounts (used to send Chinese drug ads to contact lists) soon followed the Gawker case.

However the biggest difference between this case and that one is that the Gawker's database was distributed via torrents whereas this this hasn't been (yet?). So let's hope it stays that way.

 

[Castor Krieg]

To all the ppl saying "keep your bank informed" - 99% they will recommend canceling the card, otherwise they will say bank has limited liability in such a case. Your CC info might have leaked? Cancel the card.

 

[Vinci]

To all the ppl saying "keep your bank informed" - 99% they will recommend canceling the card, otherwise they will say bank has limited liability in such a case. Your CC info might have leaked? Cancel the card.

Depends on the bank. Mine - a credit union - actually works similar to the credit card companies I use: Fraud alert, additional supervision, ability to dispute, notice of non-routine charges, etc.

 

[Jinfash]

Not that I recall. I know the email providers moved fast reseting passwords for everyone on the list. At least that happened for me. That actually was what caused me to move to complex passwords and using lastpass. Which works great for most things.

This is true for some services, but not all. Especially in the case of social networking sites. (they issued warnings, but didn't initiate any auto-resetting procedures).

 

[statham]

Sony comes out and says, "Yes, they got some CCs," you might want to change the account at that point. Till then, just pay attention and keep your bank and CC companies informed.

and that is a huge pain in the ass and another thing I don't want in my life. another thing I have to almost check daily. wonderful.

 

[mrklaw]

Is this global or US only? I got an email for my US PSN account, which I only use with PSN cards and has a fake address, but I haven't had one for my UK account which has real details.

This really makes me want to look at 1password or similar. I have abdecent password that I have memorised. But the more I'm forced to change it, the weaker it'll get.

 

[Revolutionary]

What at the bolded? Non-english speaker? I don't even think those words fit together.

As for the other stuff, the potential is there and it's a HUGE deal if something like that happened just like it was when the Mastercard incident happened. Trying to play off the actual event because "the potential is always there!" is fucking retarded. This was a horrible breach of a supposedly secure system. It doesn't happen everyday and it's important that it doesn't happen again so it's worth getting upset about. People are not unjustified in being angry at Sony because they allowed their information to be propogated. Just like they should be if it was Amazon or Microsoft or Steam or Wal-Mart or Chase or any other company.

I don't think Sony is going to go out of business because of this but it will effect their business.

You seriously can't read that? It's not grammatically correct (typing the way I talk - it's late) but it's pretty straightforward. Sorry for not writing it in proper English, I guess?

Either way, yeah, I wasn't trying to defend him, just trying to help you understand because it seems you were taking it in a different direction ("everyday breaches on this level?").

 

[Vinci]

and that is a huge pain in the ass and another thing I don't want in my life. another thing I have to almost check daily. wonderful.

Then change cards now and save yourself the hassle of keeping informed as the situation evolves. *shrugs*

 

[voltron]

Scottish dude - checking in.

Kotaku Australia was not compromised by the hacks, since we're not part of Gawker, we just use some of the US content. Completely different thing.

oh hey man.

Totally didn't realise that Kotaku Aus wasnt part of the Gawker network. Stand corrected.

BTW - good job on telly... although I found the awkward final shot of yourself somewhat amusing Not sure if you saw it but they lingered about 3 secs too long on you before flicking back to the anchor. Ended up being one of those funny news moments (that you see almost every night of course).

 

[KAOz]

Is this global or US only? I got an email for my US PSN account, which I only use with PSN cards and has a fake address, but I haven't had one for my UK account which has real details.

This really makes me want to look at 1password or similar. I have abdecent password that I have memorised. But the more I'm forced to change it, the weaker it'll get.

Global. Just seems like us in the EU isn't as important, or SCEE simply sucks donkeyballs. =/

 

[dude]

I don't think it's that unreasonable to think Sony will be sued over this, and I hope they'll get very closely inspected. This is a huge number of accounts (again, it doesn't matter that some of them might be fake or whatever, on paper, they're all "real" accounts) compromised, iTunes, Steam and countless other services seem to be able to defend themselves against such attacks (and I have no doubt these services are targets), but Sony weren't. Because of this, I'll have to assume Sony did not guard their users' data close enough until a judge specifically rules Sony did everything reasonable in their power to protect the data - Sony could and should be held responsible if they didn't take the right measures to protect your information. This is not an everyday occurrence, most big companies are able to protect their users from this kind of leak, but Sony wasn't able to, and until I'm told otherwise, I have no reason to give them the benefit of the doubt.

 

[The Shadow]

and that is a huge pain in the ass and another thing I don't want in my life. another thing I have to almost check daily. wonderful.

Being brutally honest here: You should be at least peripherally aware of what's going on with your CC bill. If that's a "huge pain in the ass", you deserve the potential consequences of that indifference.

Just change your CC # and stop whining already.

I don't think it's that unreasonable to think Sony will be sued over this, and I hope they'll get very closely inspected. This is a huge number of accounts (again, it doesn't matter that some of them might be fake or whatever, on paper, they're all "real" accounts) compromised, iTunes, Steam and countless other services seem to be able to defend themselves against such attacks (and I have no doubt these services are targets), but Sony weren't. Because of this, I'll have to assume Sony did not guard their users' data close enough until a judge specifically rules Sony did everything reasonable in their power to protect the data - Sony could and should be held responsible if they didn't take the right measures to protect your information. This is not an everyday occurrence, most big companies are able to protect their users from this kind of leak, but Sony wasn't able to, and until I'm told otherwise, I have no reason to give them the benefit of the doubt.

Just a FYI, credit card companies have been successfully infiltrated before. Just because it HASN'T happened to iTunes or Steam or any other online service doesn't mean it won't or can't. They just haven't been as big of a target.

It's naive to think it's just Sony being incompetent and your info at other sites are safe.

 

[statham]

Legit


Then request a new a new CC # if you're that worried. It's really not a laborious process to do this.

yes it is, I have atleast 10 bills on autopay changing them is not easy or something I want to spend a afternoon doing. I could be making fuckin sandwhiches for fukes sake, or maybe taking a fuckin walk.

 

[low-G]

"Prefers action games, does not collect very many trophies."

Oh shit you already have it!

 

[UberTag]

Global. Just seems like us in the EU isn't as important, or SCEE simply sucks donkeyballs. =/

Americans will be the first ones to threaten lawsuits.
Makes sense to prioritize them first.
Rest of the world can wait 'til later.

 

[Vinci]

yes it is, I have atleast 10 bills on autopay changing them is not easy or something I want to spend a afternoon doing. I could be making fuckin sandwhiches for fukes sake, or maybe taking a fuckin walk.

I think your priorities are a bit skewed. No offense meant.

 

[Vagabundo]

Where's my email SONY???

 

[Lothars]

I don't think it's that unreasonable to think Sony will be sued over this, and I hope they'll get very closely inspected. This is a huge number of accounts (again, it doesn't matter that some of them might be fake or whatever, on paper, they're all "real" accounts) compromised, iTunes, Steam and countless other services seem to be able to defend themselves against such attacks (and I have no doubt these services are targets), but Sony weren't. Because of this, I'll have to assume Sony did not guard their users' data close enough until a judge specifically rules Sony did everything reasonable in their power to protect the data - Sony could and should be held responsible if they didn't take the right measures to protect your information. This is not an everyday occurrence, most big companies are able to protect their users from this kind of leak, but Sony wasn't able to, and until I'm told otherwise, I have no reason to give them the benefit of the doubt.

I understand not giving Sony the Benefit of the doubt, but I wouldn't say that Itunes or Steam is any safer or less susceptible to this same kind of thing, so if anything you shouldn't give any company the benefit of the doubt in protecting your data because blaming one company but than saying the others wouldn't have it happen is nonsense.

 

[Violater]

So does this also apply if you had deleted your cc info from the system long before all this happened?

 

[Vinci]

I understand not giving Sony the Benefit of the doubt, but I wouldn't say that Itunes or Steam is any safer or less susceptible to this same kind of thing, so if anything you shouldn't give any company the benefit of the doubt in protecting your data because blaming one company but than saying the others wouldn't have it happen is nonsense.

Has iTunes or Steam been compromised to this level ever before? Honest question, I don't know.

 

[nofi]

So does this also apply if you had deleted your cc info from the system long before all this happened?

Nobody knows, Sony haven't said...

 

[Quasar]

I understand not giving Sony the Benefit of the doubt, but I wouldn't say that Itunes or Steam is any safer or less susceptible to this same kind of thing, so if anything you shouldn't give any company the benefit of the doubt in protecting your data because blaming one company but than saying the others wouldn't have it happen is nonsense.

I'd certainly heard of credit card issues before with itunes, though I can't remember the details. It wasn't the whole customer base though (which this potentially could be).

 

[Raistlin]

A little bird may have told me that while not confirmed, this may have been an inside job.

Obviously that actually looks less favorable, so the initial PR has been to assume an outside assailant.

 

[statham]

Being brutally honest here: You should be at least peripherally aware of what's going on with your CC bill. If that's a "huge pain in the ass", you deserve the potential consequences of that indifference.

Just change your CC # and stop whining already.

changing you cc number, piece of cake. no big deal, its like making a phone call, not a huge pain in the ass, every changing their CC. its the norm. I do it sometimes to be different, I want to be unique.


Changing your most used CC can be ahuge PAIN IN THE ASS. I have one CC I use for almost everything, dozens of site. guess I'm a idiot. thanks

 

[Professor Beef]

Oh shit you already have it!

TIME TO SPREAD THE NEWS

HWAHWAHWA

 

[Jinfash]

Has iTunes or Steam been compromised to this level ever before? Honest question, I don't know.

I read some conflicting reports about Steam, but I don't think iTunes ever has, jailbreak scene and all.

Edit: Although I vaguely remember some small security issue rising, but it was mostly caused by shady 3rd party app (from the appstore) collecting usage data and nothing beyond.

Edit: Now that I think about it, it may pertain to some ebook author on the iBook store. I don't know, my memory is fuzzy. Either way, nothing resembling this even on the smallest of scales.

 

[The Shadow]

yes it is, I have atleast 10 bills on autopay changing them is not easy or something I want to spend a afternoon doing. I could be making fuckin sandwhiches for fukes sake, or maybe taking a fuckin walk.

Ok. I literally can't tell if you're being sarcastic and funny or being serious. That's how absurd you sound right now.

It takes minutes to change your CC # on autopay sites. Don't be so fucking lazy.

 

[dude]

I understand not giving Sony the Benefit of the doubt, but I wouldn't say that Itunes or Steam is any safer or less susceptible to this same kind of thing, so if anything you shouldn't give any company the benefit of the doubt in protecting your data because blaming one company but than saying the others wouldn't have it happen is nonsense.

I personally don't store my CC and personal data on any service, I use Paypal.

But I do think a company with this kind of service owe it's customers to do everything it reasonably can to protect their data - iTunes and Steam might not be as safe, but let me ask this: Has they been hacked?
Maybe the hackers targeting Sony were super hackers who for some reason did not use their amazing hacking skills in going after more enticing databases like iTunes over Sony, but I have no reason to believe this until a judge says so because iTunes wasn't hacked and PSN was.

I'd certainly heard of credit card issues before with itunes, though I can't remember the details. It wasn't the whole customer base though (which this potentially could be).

I didn't hear of this, maybe it happened, but it surly wasn't of this magnitude. I would also believe it was more the case of phishing sites or something - because I believe we all would have heard if the iTunes database was hacked in anyway.

 

[Shao Kahn Brewing a Stew]

changing you cc number, piece of cake. no big deal, its like making a phone call, not a huge pain in the ass, every changing their CC. its the norm. I do it sometimes to be different, I want to be unique.


Changing your most used CC can be ahuge PAIN IN THE ASS. I have one CC I use for almost everything, dozens of site. guess I'm a idiot. thanks

So? Once you change your card, you can use that in other websites as well. I don't get this argument.

 

[DCharlie]

re: "compensation" - free PSN+ membership for a few months i'd have thought

That way it gives everyone a free trial and then they get to see what they get if they sign on to the pay service.