Giant Bomb News

114 Comments

Roughly 900 Credit Card Numbers Exposed Via Sony Online Entertainment Breach

The years-old database contained data for mostly expired cards. Horray?


 "Ha ha. Wait, cards from 2007? Only ha, then."
Sony's security woes continued yesterday when Sony Online Entertainment announced a security breach at the same facility that housed PlayStation Network's recently compromised database. 

The MMO developer said the personal information of 24.6 million accounts were exposed, in addition to 12,791 non-US credit or debit numbers with expiration dates--but not security codes. Data compromised included name, address, email address, birth date, gender, phone number, login name, and hashed password. 10,740 direct debit records from Germany, Austria, Netherlands and Spain were also accessed.

In mildly "positive" news, SOE has revealed this morning that most of those were actually expired cards. Only 900 of the nearly 13,000 exposed were active cards, meaning most consumers are not at risk. The database accessed was reportedly from 2007, explaining how so many of the cards have expired.

Like PSN, SOE does not believe its main database was or is at risk.

"There is no evidence that our main credit card database was compromised," reiterated the company in a statement. "It is in a completely separate and secure environment."

It's been quite a ride when that's considered positive news.

With PSN still down, PlayStation 3 users are still unable to access SOE titles like DC Universe Online. Patrick Klepek on Google+
114 Comments
  • 114 results
  • 1
  • 2
  • 3
Posted by xseedx

i just checked - bought my ps3 in '09, so i'm pretty much safe right?
Located in Germany btw...

Posted by Vexxan
@TadThuggish said:
" Boy, Sony sucks at everything. "
No more needs to be said. This is unbelievable...
Posted by SeriouslyNow
@MrAristocrates said:
" @WinterSnowblind: I'm not defending Sony against claims of poor security. Never have. That is absolutely their responsibility,I'm tired of people pinning other shit on them, though. "
Like what?  What else are people complaining about? 
Posted by WinterSnowblind
@MAST: The developer article you're referring to was a Sony propriety developer..  Shockingly, they said that people were acting like babies.  Once again, people have lost ALL of their personal details, twice in some cases, which puts us at very large risk of identity fraud, if not credit card theft..  If that's not the type of thing to get angry over, what is?
Edited by PenguinDust

Oh yeah, I should trust these people with my money. 

 
I hope EA is watching this because if they were to fall to the same intrusions, then they'd lose my future MMO business.  I was thinking of checking out DCU Online, but not any more.  These constant alerts just aren't funny.  
Posted by chriskelly123

one of my mates has lost around £300 :P  not cool

Edited by MAST
@WinterSnowblind said:

" @MAST: The developer article you're referring to was a Sony propriety developer..  Shockingly, they said that people were acting like babies.  Once again, people have lost ALL of their personal details, twice in some cases, which puts us at very large risk of identity fraud, if not credit card theft..  If that's not the type of thing to get angry over, what is? "

Umm, wrong. Just Add Water is not owned by Sony. Yes, Sony has published one of their games, but they aren't dedicated to Sony or anything. Hell, if you simply go to their website and look at their "about" page, they state that they developer for all platforms, including the Xbox 360. So yeah...
Additionally, Patrick Klepek wouldn't have linked that article on his personal twitter if he didn't at least somewhat agree with it. So add him to the list of reasonable people who think this whole situation has been blown waaaaayyyy out of proportion.

I'm not saying people should be all "Hurray! My personal info has been stolen! Yippee!" However, the extent with which people are bitching, raging, freaking out, and generally going apeshit over this whole situation is beyond ridiculous.

You know what this remind me of? The way people freaked out and went hysterical over swine flu. I'm willing to bet that the odds of my personal info being used against me, or my credit card being used by the hackers is about as likely as me dying from swine flu. I'm so confident of that, that I've literally done nothing over this PSN issue, even though I had all my info entered into my PSN account, including my current bank card. I'm willing to not do anything about this, not react in any way whatsover, just to prove a point... The point being, that the odds of bad things coming from your personal info/credit card info being stolen from PSN is almost zero.

Everyone just needs to shut the fuck up. Get mad if/when your personal info or credit card info gets used maliciously, not before... At this point, the only "bad" thing that has happened to any of us, is that we've been without online play for a couple weeks, and/or we lost a couple hours calling in to cancel a credit card. That's it... And you know what? Big whoop!
Posted by Superdude201

From the way this reads to me, aren't these credit card details just referring to SOE MMO accounts. So this happened in addition to the whole PSN network fiasco and the information taken from that attack?

Posted by MrAristocrates
@SeriouslyNow:  I've seen people asking, on this site, that Sony compensate them for purchases they couldn't make because they canceled their credit cards. Or, again, the "THEY WAITED A WEEK KILL THEM ALL" stories that have been my main issue with the way people have been commenting, because they didn't wait to tell us anything.

Seriously, someone on joystiq said they were boycotting all of Sony's products due to poor security. Including TVs and home stereos.
Posted by GT-Man

BOOOYY am I glad that I had not bought anything on the PLS but then again I wish I bought something atleast :(
Posted by SeriouslyNow
@MrAristocrates said:
" @SeriouslyNow:  I've seen people asking, on this site, that Sony compensate them for purchases they couldn't make because they canceled their credit cards. Or, again, the "THEY WAITED A WEEK KILL THEM ALL" stories that have been my main issue with the way people have been commenting, because they didn't wait to tell us anything.Seriously, someone on joystiq said they were boycotting all of Sony's products due to poor security. Including TVs and home stereos. "
Yeah but that's not them complaining about anything beyond what's been reported. Surely it's a valid consumer choice to boycott products brands too.
Posted by Nettacki
@MAST: You may have very good points, but if you do become a victim of ID theft you'd best be prepared to eat your hat.
Posted by TheDudeOfGaming

Too soon?
Posted by utino

WHAT HAPPENED TO THE 77 MILLION CREDIT CARDS YOU CLAIMED THERE KID? WHAT HAPPENED TO YOUR BULLSHIT ASS ARTICLE YOU WROTE CLAIMING 77 MILLION CREDIT CARDS STOLEN YET NOT ONE SINGLE CASE OF FRAUD?

QUALITY FUCKING REPORTING THERE