• Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.

Ransomware group claims to have breached Sony

Jokes aside, this kind of stuff fucking sucks. Nobody wins, except possibly the dickhead hackers. Selfish pieces of shit.
Part of the principle of some hackers is to test vulnerabilities and get them patched up, so that more nefarious entities dont do more serious damage. Ideally nobody would steal and we wouldnt have to lock our doors, but security exists for a reason and its constantly evolving with technology.

As for myself, Im keeping all my info intact so that if it gets comprimised I can back trace the culprit and do a reverse ransom on them. Even revealing more of my plans might scare them away.. so gotta keep secrets. Always the Spy vs Spy scenarios
 

Dacvak

No one shall be brought before our LORD David Bowie without the true and secret knowledge of the Photoshop. For in that time, so shall He appear.
Part of the principle of some hackers is to test vulnerabilities and get them patched up, so that more nefarious entities dont do more serious damage. Ideally nobody would steal and we wouldnt have to lock our doors, but security exists for a reason and its constantly evolving with technology.

As for myself, Im keeping all my info intact so that if it gets comprimised I can back trace the culprit and do a reverse ransom on them. Even revealing more of my plans might scare them away.. so gotta keep secrets. Always the Spy vs Spy scenarios
I don't mind white and gray hats at all. That's a valuable service, all around. But these jerks who hold data for hostage for personal payment are absolute donkeyknobbers.
 

bender

What time is it?
Luckily I haven't had payment methods tied to my account since the last breach. It's usually more economical to use prepaid wallet cards anyway. Still sucks.
 

SenkiDala

Member
I hope this is not true because if it is, timing is horrible, they just raised the price, so if it is the service we can expect for such a high price... This is more than unacceptable.

And if it is true I hope the "leak" or whatever it is, not as big as the 2011 one because it would be a disaster for the image of PlayStation.
 

Solarstrike

Member
Death penalty to malicious hackers. Stronger punishment on crime is overdue. Enough is enough. These pieces of isht and their ilk would hack the LHC and hold the world over a black hole for a ransom if they could. A precedent must be set. Example(s) must be set. The sorry excuse of "but ohh the hackers have skills, the government(s) can utilize them, put them to work!", is nil. A.I and quantum computing will take over that skillset and make it seem like a walk in the park with the push of a key or voice phrase.
 
Last edited:

Demigod Mac

Member
Unlikely customer credit card data was breached even if Sony was compromised.
The general best practice (especially for big corporations) is to minimize or eliminate the amount of CC data they store themselves and instead, offload that responsibility onto a payment processor company who specializes in handling and securing it.
So when you purchase something or save your CC while using the Playstation store, all that Sony themselves can see (by querying their payment processor) is if you paid up or not - and that's all they need to know.
 

ZehDon

Member
Hopefully we get some good info.
Hopefully this is all BS. If the hackers really have breached "all of Sony's systems", this could have a very real impact on general customers - like most of us. And not just PSN going down for a few weeks; sold personal data, such as credit cards, can become an absolute nightmare.
 

Crayon

Member
Ugh we got a ransome attack last year and it was a massive pain in the ass. Our IT team fought and won, somehow. And in the fray, I managed to get an untracked chromebook out of it lol.
 

M1chl

Currently Gif and Meme Champion
So that's Android code for streaming app or something? Meh. Fucking Android decompiler can do that
 

darthvargi

Member
It looks like QA test stuff for web apps/account pages, some Jenkins stuff amongst other things. Worthless lmao
With Jenkins you can figure out some of their builds and Sonarqube may give some insight to poor code but yeah, this is likely nothing.
 
PqLTAV9.jpg
W96JQu8.png
 
And that's why I used a digital card. I can just block/delete it and it won't compromise any actual info.

After the 2011 breach, I wouldn't trust Sony with my cc info.
 

Elios83

Member
Nowadays I always use two factor verifications and paypal to be safe with all the digital accounts.

Anyway given Sony's silence I guess like this was nothing important otherwise they would have at least admitted it claiming they're investigating into it.
 
Last edited:

Dice

Pokémon Parentage Conspiracy Theorist
I had 2FA of course, but changed my password anyway. I know that doesn't actually matter if they already have my info, but at least I know my account is secure.
Same and fortunately I don't have any payment info stored with them. I also use Paypal or game store gift cards for these types of things anyway in case there is non-profile-bound information kept about their transactions.
 

cormack12

Gold Member
Trusty old password1. Never let me down so far.

Are people who bid on this data just taking a massive hope that something in there is usable?
 

ultrazilla

Gold Member
Well I just had a charge attempted from an Italian restaurant in Atlanta. I'm in Michigan. Luckily my credit union alerted me immediately and they locked out the card.
No way of telling if this was from the hack.
 

Thick Thighs Save Lives

NeoGAF's Physical Games Advocate Extraordinaire
In the Mystic Ryan video there's a segment on the ransomware group that claims to have hacked Sony.


image.png


Video is timestamped:

 
Last edited:

adamsapple

Or is it just one of Phil's balls in my throat?

Sony Interactive Entertainment (Sony) has notified current and former employees and their family members about a cybersecurity breach that exposed personal information.

The company sent the data breach notification to about 6,800 individuals, confirming that the intrusion occurred after an unauthorized party exploited a zero-day vulnerability in the MOVEit Transfer platform.

The zero-day is CVE-2023-34362, a critical-severity SQL injection flaw that leads to remote code execution, leveraged by the Clop ransomware in large-scale attacks that compromised numerous organizations across the world.

 

X-Wing

Member
Well I just had a charge attempted from an Italian restaurant in Atlanta. I'm in Michigan. Luckily my credit union alerted me immediately and they locked out the card.
No way of telling if this was from the hack.

Unlikely. In one of the breaches it was employer data that was stolen and in the second one it was a test server that got hacked.
 

X-Wing

Member
Death penalty to malicious hackers. Stronger punishment on crime is overdue. Enough is enough. These pieces of isht and their ilk would hack the LHC and hold the world over a black hole for a ransom if they could. A precedent must be set. Example(s) must be set. The sorry excuse of "but ohh the hackers have skills, the government(s) can utilize them, put them to work!", is nil. A.I and quantum computing will take over that skillset and make it seem like a walk in the park with the push of a key or voice phrase.

A lot of these groups are state funded.
 
Top Bottom