I, too, remember when the hackers attacked PSN, after compromising a computer at the Defense Department.
on March 3rd.
How would you change your PSN without being logged in to PSN?
Wow this sucks hard for ps3 owners goodluck to everyone.
" It's stuff like this that makes me glad I dont have a PS3. XBOX LIVE FTW lol "
" I was actually watching it being hacked. And DDoS'd earlier. "
Patrick earning his newsy hat HARDDDD.
Changed all passwords, especially my bank one. What's awesome is that my PS3 disc drive broke, after a sony rep already caused me to lose access to all my game data, and they still want me to pay them 130 bucks to fix it.
I wish the Sony users the best of luck in this crapfest, it shouldn't happen especially on such a large scale to anybody no matter the platform. That said, thankfully, I don't have a paid account with any of the platforms so that is a relief to me. It's sad that we live in times with many mass hacks and breaches of personal data, at schools, credit card go-betweens, online entertainment, etc. And never mind if the credit card companies say they'll protect you from fraud, who'll protect us from the credit reporting agencies and their mismash of hard to clean up records.
What a fucking shitstorm. Good job, Sony. More shit to worry about.
If anyone wants to know how the hackers got in, I found this info on PSX Scene, from user SKFU.'The PSN is down, all accounts got dumped by an anonymous hacker and the community is cryin' for answers. 77 million accounts with password and sometimes CC info are worth a lot in several hack chans. This is a very huge case. Now SONY engaged an external security company to discover the holes in SONY's system and find answers. As I was wondering if there may be some information about the actual case we can find out publically, I researched a bit myself. One interesting point I found is a not secured access log of a PSN environment. You will quickly notice the IP 126.96.36.199, which sends requests like a vulnerability scanner. The IP points to the DoD Network Information Center, based in Ohio USA. The first log entry of this IP is [03/Mar/2011:07:10:38 -0800]. As the DoD is knows as beeing easy to hack, the anonymous hacker could have used this as proxy. Maybe SONY might want to take a look at this IP, I hope soon we get some news and details about the case...' - SKFU
It's stuff like this that makes me glad I dont have a PS3. XBOX LIVE FTW lol
I wouldn't be too worried about your passwords being exposed. Even Sony can't possibly be so incompetent as to store our passwords in plaintext or with a simple hash. Even the least experienced among us know that at the very least, you encrypt passwords with a salted hash so that they would be very difficult for someone to suss out (and probably computationally prohibitive if you're talking about doing so for 75-million passwords). If this isn't the case and the data was stored either as plaintext or a simple hash (meaning passwords can be exposed using a simple rainbow table attack) then it's a level of negligence that should almost border on criminal. http://www.codinghorror.com/blog/2007/09/youre-probably-storing-passwords-incorrectly.html
" @Magma_Pear: Mate, your a fucking legend and I agree 100%, thanks for venting, on behalf of all of us! "
Patrick, Giantbomb couldn't have hired you at a better time.
I don't think I've given PSN my credit card info, but the password stuff certainly is disconcerting.
Any word of whether this is only affecting PSN, or possibly other Sony services, like SOE?
" Wow! I sound like an asshole right now but, this's how buying a console on Amazon from an asshole that failed to tell me that he'd got himself booted from using PSN, and with him his consoles serial code, when I bought it off him. Due to this I can't go online, and luckily that saved me from this major shitstorm that Sony is now diving headlong into deep waters. Their fault or not they're kind of fucked so very, very badly right now.I hate that they are, but this's just an unavoidable fact. This makes Microsofts RROD look like small kids playing in a small inflatable paddling pool compared to Sony's, very probably, quadruple-billion dollar court case loss. "
Wow! I sound like an asshole right now but, this's how buying a console on Amazon from an asshole that failed to tell me that he'd got himself booted from using PSN, and with him his consoles serial code, when I bought it off him.
Due to this I can't go online, and luckily that saved me from this major shitstorm that Sony is now diving headlong into deep waters. Their fault or not they're kind of fucked so very, very badly right now.
I hate that they are, but this's just an unavoidable fact.
This makes Microsofts RROD look like small kids playing in a small inflatable paddling pool compared to Sony's, very probably, quadruple-billion dollar court case loss.
Thanks to the Kotaku mess a few months ago I have changed e-mail addresses and passwords of just about everything, but I left my PSN account on the old e-mail address since I only owned a PSP and didn't need it. I can't remember, but I'm hoping I never entered my debit card info. They may have everything else, but at least they don't have that. Damn internet.
Thanks for waiting a week fuckers.
I was actually watching it being hacked. And DDoS'd earlier.
I'm going to risk getting flamed for saying this but... I purchased MK on the PS3 instead of 360 this time around because of Kratos and I feel I'm owed a little venting right now.
I'm going to say this is all Sony's fault, and there's no point in explaining all the reasons because it doesn't really matter. But I think that if you look at all the events of this generation I think you'll see that Sony has done EVERYTHING, as if intentional, to not only get the attention of hackers, but to piss them off too. It goes all the way back to the launch with few games, making claims of the PS3 being more than just a console as compensation, and having Linux support to begin with - that attracted the hacker crowd right there, that's what got Geohot involved.
Then they took Linux away, then Geohot hacked it back, then they mishandled that situation and sued Geohot, got themselves on the news for arresting other hackers, made ridiculous legal demands that violated people's privacy on unrelated services like youtube of all places - all only to settle and come out a big loser with Geohot walking away with a 10K donation to the EFF. But not before anonymous got pissed off enough for them to LIOC the crap out of Sony - while other hackers, also anonymous did the real damage by infiltrating the PSN system using Geohot's custom firmware running on one of Sony's own PS3 systems, via Linux.
There is a lesson in this for Sony. A pretty damn big one. STICK TO THE FUCKING VIDEO GAMES YOU FUCKING ASSHOLES. Next time don't muck around with internet browsers and running desktop operating systems and all that stupid, non-gaming related, curing cancer bullshit. Take a lesson from MS and make your games machine just that and that only! I can't believe how fucking stupid Sony is to not only have such embarrassingly horrible PS3 security, but to also make the PS3's security the ONLY line of defense that PSN had. Client side only security? What year is this, 1995? No wait, client side only security was horrible back then too. The horrible irony of this whole situation is that Sony is so fucking stupid, that it was the Linux support they first gave and then tried to take away that was used to hack PSN, right from a PS3 running CFW. There's so many layers to just how badly they set themselves up for this that they MUST deserve it.
It only does everything huh? Fucking morons. How about next time it ONLY DOES VIDEO GAMES? I mean, did anyone ever fucking ask for anything other than the next Playstation games machine? Which one you assholes asked for everything? 77 million users compromised. God Sony, you are so fucked.
so... when are we gonna pay China back for this?
Should be a cinch to find the hacker though...Just look for any forum with an enormous uptick in postings of the "Cool Story Bro" picture and its variants and lots of occurrences of "tl:dr" in one thread, as right there above them with be a massive list of 77 million email address and details.
I have a new credit card on the way so that's all good. What pisses me off is that I have to call the gas, cable, and electricity companies to change my automatic credit billing. Thanks Sony!
This is the one time that I am glad not to own a ps3. i was going to get one next month. now? idk.
I can't wait for someone to sue Sony for 0.000001% of their daily income over this.
Well looks like I'll have to get a new credit card. Thanks a lot hackers, I hope your E-Peen is happy.
dude, sony, get some better security guys. if shit happens to my fucking credit card or account i'm gonna fucking lose it.
this is for real, my gmail was hacked...
Good thing I haven't bought anything from PSN in years. Turns out that the best defense against losing a customer's identity is to make your entire service completely unappealing to them. Kudos, Sony.
I have both the PS3 and the Xbox....and honestly,
Already news improvements on the site :) Thanks Patrick! And thanks Giantbomb for hiring him :P
Glad I never bought anything off psn, all I gotta do is change my passwords.
Playstation Plus...the gift that keeps on giving. And you thought all those downloads were free..
" @DarkTravesty said: " @Snapstacle: and i'd rather pay $30-$40 for xbox live than have my identity stolen and credit rating ruined. "U MAD BRO? "
" @Snapstacle: and i'd rather pay $30-$40 for xbox live than have my identity stolen and credit rating ruined. "
Damn. I'll say it again, only an idiot would save their CC info on any console... but it sucks no online for another week!? BTW, love the news here now.
Luckily, I'm pretty sure I didn't have a card associated with my PSN account. But I am about to spend the evening changing as many passwords as I can think of. Thanks, Sony.
This is a PR disaster, it's been covered, well researched or poorly, by most major news corporations. "Video game consoles can be hacked and credit card info stolen", can see the headlines now
Thanks Sony! Why couldn't you tell us to take precautions last week!
Well... passwords are changed... and I have a new credit card on the way... maybe over reacting, but on the other hand, it cost me nothing to change those things and I can worry less... I think. >_>
well if our personal info DID get cracked...and they didn't bother to fucking tell us for a week. Fuck you sony, I hope a serious lawsuit drags your asses into the ground for any damages done.you don't wait a fucking week to let people know their shit got compromised.