Pull your head out of the sand. Sony and anyone else they hire may not ever be able to conclusively tell you what exactly was stolen, but that shouldn't matter at all. The fact is that they had your information in a system that was breached. Is that not enough? Does someone need to buy a yacht with your personal information for you to see that something is wrong? You should protect yourself first and worry about everything else later."It disturbs me that I thought it was a joke at first. I would prefer waiting until I hear (not just from Sony, mind you) reliable sources telling me that the cards were actually compromised, rather than cancel a card based on something I don't have enough info to make an informed decision based upon. "
Daybreak Games
Company »
Daybreak Games, formerly known as Sony Online Entertainment, is best known for their popular MMOs such as EverQuest, DC Universe Online, and PlanetSide. In 2020, Daybreak Games split into three separate development studios while the publishing side remained known as Daybreak Games.
Roughly 900 Credit Card Numbers Exposed Via Sony Online Entertainment Breach
" @MrAristocrates said:I'm going to bold a sentence to draw your attention to it. See if you spot it.Pull your head out of the sand. Sony and anyone else they hire may not ever be able to conclusively tell you what exactly was stolen, but that shouldn't matter at all. The fact is that they had your information in a system that was breached. Is that not enough? Does someone need to buy a yacht with your personal information for you to see that something is wrong? You should protect yourself first and worry about everything else later. ""It disturbs me that I thought it was a joke at first. I would prefer waiting until I hear (not just from Sony, mind you) reliable sources telling me that the cards were actually compromised, rather than cancel a card based on something I don't have enough info to make an informed decision based upon. "
Still don't understand why people feel the need to defend gigantic corporations, do people not realize that Sony really don't care about you in the slightest and if they got a profit from murdering you they would do it?
And I thought I was cynical. I know that Sony doesn't care about me. I'm just incredibly pedantic and correct people anyway." Still don't understand why people feel the need to defend gigantic corporations, do people not realize that Sony really don't care about you in the slightest and if they got a profit from murdering you they would do it? "
I decided to request a new card after they announced that passwords were compromised. I didn't trust that they had kept my credit card number secure after they couldn't keep my password out of the wrong hands. Sony had my debit card on file, so I didn't need someone cleaning out my bank account. It will be Pre-paid cards only for me on PSN going forward.
Actually, I hate how loosely the term is used too. It's thrown around far too often if somebody defends a particular game series or console, no matter how lightly. But let's be honest here, there's no other reason anyone could possibly be defending Sony here, this is the RRoD x10. You can still like the PS3 and Sony in general, but pretending they've done nothing wrong or that it isn't a big deal, is just ridiculous. Anyone doing so is a fanboy, plain and simple and I'm yet to hear anything that would prove otherwise. Sony themselves could have stolen your credit card information and currently be using it to buy things and you'd still be defending them."I declare the word "fanboy" to be a variation on Godwin's law, in that someone will always bring it up. "
" @MrAristocrates: They will never be able to tell you whether or not your card was stolen. The fact that you don't understand this is amazing to me. And it's equally amazing that you'd wait for someone else to tell you that it's okay to do what you need to do to protect your livelihood. I am beginning to believe that you don't actually believe any of this shit and you just like starting a big flame war.Grow up? You're the one insulting me. I just don't want to cancel cards without being at least somewhat sure that my information is actually at risk.Grow the fuck up."
I BLAME SONY FOR POOR SECURITY. But don't think I'm canceling my credit card without being sure. I'm not asking anyone to tell me if my card was stolen. I'm saying that I'm going to make an informed decision by collecting more information.
Also, I'm starting a flame war (that isn't even happening, BTW. If I was a troll, I'd probably have left by now since you're the only one raging, and that ain't much of a "war") for having a dissenting opinion? Christ, what will you guys do when I say XII is my favorite FF?
I don't feel bad for Sony. They tried to bully a bunch of kids and now they are getting punched in the nose over and over again. Not to mention the fact that it took Sony 150+ hours to provide a semi-mediocre response about the issue.
I'm tired of people pinning other shit on them, though.
" I don't feel bad for Sony. They tried to bully a bunch of kids and now they are getting punched in the nose over and over again. Not to mention the fact that it took Sony 150+ hours to provide a semi-mediocre response about the issue.Because offering those things is totally realistic, right?If they can afford the lawyers and all the time they spent going after a couple of kids then they can afford making it right for their customers. Oh wait, I forgot that instead of providing customers with a year subscription to experian, equifax or transunion...they are offering 30 days to PSNplus. Thanks Sony, you are really making it up to your customers.That being said, Sony has really disappointed me. Its obvious that their IT security department is as inept as whoever made the decision to try to ruin a kids life. I've lost my trust in Sony (as a business) even though I was not affected. Maybe they'll regain my trust if they make organizational changes and fire the people that allowed this to happen in the first place. Until then, I will give my business to MS and Nintendo. I knew that I should have bought Mortal Kombat for the Xbox. oh well. But frankly, it's not worth dealing with a mediocre company just to play Gods of War and Uncharted ."
It didn't take them 150 hours to respond. They discovered an intrusion, shut down the network, found out personal data had been accessed, and told us about it. The last two took place within 24 hours.
Geohot's not a kid, and while Sony may not need defending, neither does he.
" @Phoenix87 said:" Even 1 exposed is too many. "Oh shut up. Unless you are a 1 man, top security firm, I think I'll just assume that your another whining prick. Nothing is perfect. Even military body armor can't stop every round. How can you expect it to be any different for cyber security? 900 isn't that bad, especially if the people know about it. If you have a credit card and you don't keep an eye on your account, especially when you've been notified of this kind of event, your just asking for it. It sucks, maybe they could have done better, but that's a tiny number relatively speaking, and it's not like they just gave em out to criminals. Why blame the people who spent 4 years planning a bank heist when you can blame the bank, right?/sigh"@m0rdr3d said:"Except they were secure. Just separate.Nice going, Sony! "Meh. They were mostly expired cards. Why secure em."
Don't think I'll be doing business with those pricks ever again. Anyone wanna buy a PS3 Slim?
"
But hey, feel free to be a big baby about all of this and act like Sony fucked you in the ass with a steel rod. Also, SOE is totally separate from the Playstation division. Sony is so big with so many parts, it's basically a confederation, in business form. Blaming one division for the failing of another is just silly.
@MordeaniisChaos:
Except that they actually weren't secure because Sony just told you the hackers got them. But hey, feel free to be a big Sony fanboy and "act like Sony fucked you in the ass with a steel rod"...and you liked it.
And, for the record, I didn't say I'd never buy another Sony TV (I probably won't since they're needlessly more expensive). Just don't plan on buying anything on their shitty networks. If this happens on XBL, the same goes for them.
" @MrAristocrates:That's just the standard message that pops up when the network is down or when the system encounters specific network errors. I'd hardly call that "going out of their way to fool customers" since it's just a normal automated message....They went out of their way to fool customers by stating in a pop-up message that the "Network is down due to maintenance" when trying to log into PSN. Actually, that message is still on today. Am I lying? As far as I'm concerned that is deceiving behavior."
Do they plan on emailing the people who's accounts they've lost? Sounds like the right thing to do seeing as they seem to already have enough information to tell that those cards are expired.
" @MrAristocrates:Yes. Rumors. Because most giant companies trust rumors above their own investigations. They found out Monday, we found out Tuesday. It's not hard.From what I understand, 48 hours after PSN went down there were rumors that the network had gotten hacked. It wasn't until 5 or 6 days later that Sony finally admitted that this had happened. They went out of their way to fool customers by stating in a pop-up message that the "Network is down due to maintenance" when trying to log into PSN. Actually, that message is still on today. Am I lying? As far as I'm concerned that is deceiving behavior.As far as credit monitoring. What I suggested is not unheard of. Many companies have fallen victims to this type of activity and they offer customers a year of credit monitoring. A 3 month PSNplus card is $17.99 (approx $5.99 a month.) The service for credit monitoring is $9.99 per month or $7.99 per month if you pay the whole year. So Sony puts customers information at risk and throws $5.99 to each customer and we are supposed to feel satisfied?You are right that GeoHot is old enough to know what he was doing. However, what he did was not a criminal act. That is why he never got arrested just sued by Sony. Sony should learn from Apple who just did what they had to do to secure the iphones after GeoHot jail-broke the phone. Or they could have put him in their payroll like Google did. The fact of the matter is that the arrogance of Sony executives got the best of them and now we are paying for them."
As far as I'm aware, the maintanance message comes on anytime there is network downtime (likely because it is the most frequent cause of downtime), and they can't update it because, in case you haven't noticed, PSN is down. If I call you, then my phone's battery dies, and it turns out what I said earlier was wrong, I didn't willfully decei ve you, I was acting upon the information I had. I'm sure you would have preferred Sony delayed the investigation to send out a system update just to change that phrase.
EVERY SINGLE NEWS POST I've read on the subject includes the line "free download," but everyone always ignores that and jumps straight on the PSN+. What you suggested (a year of those services), would cost 120 dollars per account (sorry, using the first number), would cost Sony over 9 billion 240 million dollars, and that's if those companies agree. It would be a huge waste of money. I'm surprised we're getting anything at all, especially since people keep whining about compensation (many times I have heard, "I don't care about my details, what am I getting out of this?" or something to that effect).
When a console is cracked, most people exploit it to pirate games. Sony was trying to protect their investments. I may not agree with the way they went about it, but it's true.
If it's only blue usernames defending Sony, then that's pretty telling. Because it means the people that have a PS3 as their primary console, the people that are really invested in Sony, don't really feel like this is that big of a deal, and they are the ones that really matter because they are most effected by this." @MrAristocrates said:
Fanboy. "" @WinterSnowblind said:
" @MrAristocrates said:Maybe it's because the people with the blue usernames aren't posting in the first article they see without looking anything else up. I'd be a lot more open to what you had to say if you weren't so rude about it.Also, again, research. We still don't have any evidence that the PSN credit card info was even accessed.I declare the word "fanboy" to be a variation on Godwin's law, in that someone will always bring it up. "" @Tekkor said:I find it highly amusing that it's only the people with blue usernames (and KaosAngel, who's a Sony fanboy anyway) defending them at this point. But please, point me in the direction if this research that I've clearly skipped over, that nulls the fact they've lost my personal details and maybe even my credit card information twice." You have to be either an employee of Sony or have a Sony fanboy tattoo to be defending them at this point. "Or do any research whatsoever. "
"
People that don't have their usernames in blue (even some that do have their name in blue) are probably PC/Xbox fanboys. So of course they are going to try and run Sony into the ground, and make as big of a deal out of this situation as they possibly can, because they want to try and make Sony look bad out of some creepy loyalty to Microsoft, and their current toy.
Honestly, I'm willing to bet that most of the people on this website that are crying out against Sony right now are the same people that have started threads saying that "Xbox is better than Sony." I bet almost none of it is legitimate anger at Sony. I mean, of course you will say it is, but we all know that it's really just 360 fanboys trying to take advantage of this situation in order to make Sony look bad so that you "win" and can say "See! Just another reason why the 360 is better!"
In addition, are you new to the internet or something? The internet is the place where people always blow things out of proportion. I'm pretty sure that's the primary use of the internet, and the reason it was invented. There are a small number of reasonable people that will try and keep situations in their proper place (kinda like what's happening now with people defending Sony), but it never works.
I really appreciate one of Patrick Klepek's tweets the other day. He linked to an article that was basically a game dev saying that people are idiots, that this situation isn't as big of a deal as people are making it out to be, and that everyone that's bashing Sony just needs to shut the fuck up. The article was pretty dead on. He should have posted it as a news article on our front page...
you know how many companies get information about customers hacked out of their databases on a daily basis? credit cards, names addresses, scammers and hackers already know most of this by simply mining your facebook page, it boggles the mind how people are so dumb about privacy on the internet, just as your ISP can see everything your doing and send you letter to cease and desist, a hacker can see everything you do on your PC if your not careful, having worked fixing others people computers for the past 10 years I can tell you that most Americans and users have no idea how to properly keeps their computers safe and secure, I am no way defending Sony, but I think people need to realize it happens everyday and it can happen to any company, it was Sony's turn today, perhaps tomorrow it is someone else's, it is the world we live in.
Learn from it and move on.
Oh and @WinterSnowblind My name being blue means nothing, I am a Huge PC gamer and barely touch my Consoles, yes Consoles as I own all 3 + a PsP and DSi, so I got no idea where your going with that fanboy nonsense.
" @MrAristocrates said:
It shouldn't have taken Sony 5 days to tell customers "yeah it might have been hacked, and it took them that long. They updated their blog on April 22nd to say "we are investigating the possibility of an external intrusion." The email I received said that it happened between April 17 to April 19. On April 21st they took the service down and just said "We’re aware certain functions of PlayStation Network are down. It may be a full day or two before we’re able to get the service completely back up and running. Please stay tuned to this space for more details, and we’ll update you again as soon as we can."" @Saga said:
Yes. Rumors. Because most giant companies trust rumors above their own investigations. They found out Monday, we found out Tuesday. It's not hard." @MrAristocrates:
From what I understand, 48 hours after PSN went down there were rumors that the network had gotten hacked. It wasn't until 5 or 6 days later that Sony finally admitted that this had happened. They went out of their way to fool customers by stating in a pop-up message that the "Network is down due to maintenance" when trying to log into PSN. Actually, that message is still on today. Am I lying? As far as I'm concerned that is deceiving behavior.
As far as credit monitoring. What I suggested is not unheard of. Many companies have fallen victims to this type of activity and they offer customers a year of credit monitoring. A 3 month PSNplus card is $17.99 (approx $5.99 a month.) The service for credit monitoring is $9.99 per month or $7.99 per month if you pay the whole year. So Sony puts customers information at risk and throws $5.99 to each customer and we are supposed to feel satisfied?
You are right that GeoHot is old enough to know what he was doing. However, what he did was not a criminal act. That is why he never got arrested just sued by Sony. Sony should learn from Apple who just did what they had to do to secure the iphones after GeoHot jail-broke the phone. Or they could have put him in their payroll like Google did. The fact of the matter is that the arrogance of Sony executives got the best of them and now we are paying for them.
"
As far as I'm aware, the maintanance message comes on anytime there is network downtime (likely because it is the most frequent cause of downtime), and they can't update it because, in case you haven't noticed, PSN is down. If I call you, then my phone's battery dies, and it turns out what I said earlier was wrong, I didn't willfully decei ve you, I was acting upon the information I had. I'm sure you would have preferred Sony delayed the investigation to send out a system update just to change that phrase.
EVERY SINGLE NEWS POST I've read on the subject includes the line "free download," but everyone always ignores that and jumps straight on the PSN+. What you suggested (a year of those services), would cost 120 dollars per account (sorry, using the first number), would cost Sony over 9 billion 240 million dollars, and that's if those companies agree. It would be a huge waste of money. I'm surprised we're getting anything at all, especially since people keep whining about compensation (many times I have heard, "I don't care about my details, what am I getting out of this?" or something to that effect).When a console is cracked, most people exploit it to pirate games. Sony was trying to protect their investments. I may not agree with the way they went about it, but it's true. "
They had to have known that something was wrong at that point, even without knowing what data was stolen. There is a government investigation into them waiting, and for good reason.
The scarier part about this is the possibility of it being an inside job of employees who were fired 2 weeks earlier from SoE. If they are the ones who knew the weaknesses they could also know how to get the passwords that were hashed, seeing as how nothing was encrypted.
Also, no one is telling you to cancel your credit card, they are saying get a new card issued to you. Even the slightest possibility of someone having your card in a huge list is enough of a reason to make a simple phone call and get a new card mailed to your house.
" @xtrminatr: "Investigating the possibility of an external intrusion". This is not the same thing as "your personal information may have been compromised." "This is true, but that's really the only thing it could have meant if they took the network down for it. Sony has known within a day after when people who hacked their consoles got online. Whenever the "hackers", and I use that term loosely, have gotten back on psn with modded consoles Sony has never taken the network down, they just worked on a new firmware update quietly. For them to have taken the network down they had to know it was serious is what I'm getting at. And there should have been something in place for them to know the day of or at least within 24 hours if their security on a database was compromised.
Sony seemed to have had an attitude that they had defeated the hackers after four years of the console being untouched. They felt they were one step ahead with removing other-os and neglected to secure the user information in anything other than a plain text file with non-encrypted passwords.
I can't say I like the way this is being reported. "Only" 900 aren't expired. So everyone's safe then. Yay.
Except for the fact that most card issuers don't change the card number when it expires. They issue a new one with the exact same number, only updating the expiration date. So (assuming a standard number of users allowed the cards to renew) out of the 12,700 cards, it's likely that at least 10,000 are compromised. Not 900. All you have to do is add 3-4 years to the expiration date depending on the issuer. And since the first few numbers of the card are codes for the card type and issuer, that's not hard to figure out.
Sony needs to put aside it's spining of these numbers, and warn people of facts like this, instead of giving them a false sense of security by suggesting that only the 900 cards that are still active are at risk. And if Sony won't, then the media needs to step up and do it, instead of just parroting what Sony says.
I love the terms Sony continually uses...maybe, may have, possibly and oh unlikely your credit cards are out in the wild...
Not wanting to buy a product from a company that not only leaks your personal information and credit card details, but then acts like it's not a big deal: being a big baby."@m0rdr3d said:"Except they were secure. Just separate.Nice going, Sony! "Meh. They were mostly expired cards. Why secure em."
Don't think I'll be doing business with those pricks ever again. Anyone wanna buy a PS3 Slim?
"
But hey, feel free to be a big baby about all of this and act like Sony fucked you in the ass with a steel rod. Also, SOE is totally separate from the Playstation division. Sony is so big with so many parts, it's basically a confederation, in business form. Blaming one division for the failing of another is just silly.
By the way, all of those parts failed, not just one. So good job. Keep on fighting the good fight.
Please Log In to post.
This edit will also create new pages on Giant Bomb for:
Beware, you are proposing to add brand new pages to the wiki along with your edits. Make sure this is what you intended. This will likely increase the time it takes for your changes to go live.Comment and Save
Until you earn 1000 points all your submissions need to be vetted by other Giant Bomb users. This process takes no more than a few hours and we'll send you an email once approved.
Log in to comment