Playstation Network still down. - Page 2

Cardinals.Ken · May 2nd, 2011, 07:32 AM

Sony said it plans to get the network back up and running this week, and that it's offering some make-good gifts to gamers whose private data has been exposed and who haven't been able to play online for nearly two weeks.

On a PlayStation Blog post, the company states it will:

*Offer 30 free days of its premium PlayStation Plus membership, and add a free 30 days to the subscriptions of current subscribers.

*Present the same free-30-day deal for its Qriocity streaming music and video service.

*Offer as-yet unannounced "free PlayStation entertainment" content for download.

The PlayStation Network relaunch, which will require everyone to download a system update and change their password, will re-activate online multiplayer for the PS3 and PSP, open up access to account management, friends lists and its generally worthless Second-Life-like playroom, PlayStation Home.

Mathew81 · May 2nd, 2011, 04:44 PM

Sony hacked again

http://www.wired.com/gamelife/2011/0...tainment-hack/

DarenG · May 4th, 2011, 07:49 AM

Quote:

Originally Posted by Mathew81

Sony hacked again

http://www.wired.com/gamelife/2011/0...tainment-hack/

Wow. Not all the free stuff in the world is going to make up for this.

Cardinals.Ken · May 4th, 2011, 07:59 AM

The way Sony has begrudgingly admitted that they were hacked, and then the extent of the attack kind of brings the whole Fukushima plant press conferences into perspective.

Quote:

SECURITY UPDATE

As previously announced, we have been conducting an ongoing, thorough investigation stemming from the cyber attack in April and promised to notify you should there be any changes to the situation.

A press release was issued May 2, 2011 outlining these details. We are sending customer service notifications via email to all of our impacted account holders whose customer data may have been stolen as a result of an illegal intrusion on our systems. These emails will be sent by Innovyx, our third party email distributor, and will contain either 'soe.innovyx.net' or 'soe.sony.com' in the sender field.

SOE is committed to delivering secure, stable and entertaining games for players of all ages and we're working around the clock to ensure this situation is resolved as quickly as possible. We deeply regret the inconvenience this has caused and appreciate your continued patience and feedback.

Sincerely,
Sony Online Entertainment

CUSTOMER SERVICE NOTIFICATION
May 2, 2011

Dear Valued Sony Online Entertainment Customer:
Our ongoing investigation of illegal intrusions into Sony Online Entertainment systems has discovered that hackers may have obtained personal customer information from SOE systems. We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack. Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.

Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) and about 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain may have also been obtained. We will be notifying each of those customers promptly.

There is no evidence that our main credit card database was compromised. It is in a completely separate and secured environment.

We had previously believed that SOE customer data had not been obtained in the cyber-attacks on the company, but on May 1st we concluded that SOE account information may have been stolen and we are notifying you as soon as possible.

We apologize for the inconvenience caused by the attack and as a result, we have:

1) Temporarily turned off all SOE game services;

2) Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and

3) Quickly taken steps to enhance security and strengthen our network infrastructure to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When SOE's services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your Station or SOE game account name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:

U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.

We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a "fraud alert" on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.

Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.

We are committed to helping our customers protect their personal data and we will provide a complimentary offering to assist users in enrolling in identity theft protection services and/or similar programs. The implementation will be at a local level and further details will be made available shortly in regions in which such programs are commonly utilized.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1 (866) 436-6698 should you have any additional questions.
Sincerely,

Sony Online Entertainment LLC

Cardinals.Ken · May 4th, 2011, 08:07 AM

Quote:

Originally Posted by Mathew81

Sony hacked again

http://www.wired.com/gamelife/2011/0...tainment-hack/

For what it's worth...

SOE answers our questions about the recent database incursion

Quote:

Q: If the SOE and PSN servers are separate, how was this part of the original attacks?

A: While the two systems are distinct and operated separately, given that they are both under the Sony umbrella, there is some degree of architecture that overlaps. The intrusions were similar in nature. This is NOT a second attack; new information has been discovered as part of our ongoing investigation of the external intrusion in April.

DarenG · May 4th, 2011, 12:38 PM

Interesting that Sony claims there is no evidence of compromised data yet they encourage you to add a Fraud Alert to your credit. That tells me they don't really know and not to mention those fraud alerts don't often work.

What is suppose to happen is that when you apply for credit, the creditors are suppose to validate your identify before granting credit. They often just ignore the alerts. So, if you information was compromised...good luck.

Cardinals.Ken · May 5th, 2011, 09:19 AM

The son of one of my clients came in the office this morning. I saw a Guy Fawkes mask hanging off of his rear view mirror.

I asked him "Is that a Guy Fawkes mask?"
He said "Yeah. Pretty cool huh?"
I said, half-way joking, "Thanks or crashing Sony! I can't download Tetris for my wife now!"

He just kind of smirked...I didn't want to press it too much. My kung-fu is strong, but old. lol

BigRedRage · May 5th, 2011, 02:06 PM

Quote:

Originally Posted by Gee!

How so? They could have done it to Xbox too..

why didnt they? I have to believe since we pay microsoft and microsoft is the corporation they are that they have spent a good amount of money protecting this.

DarenG · May 5th, 2011, 02:28 PM

Quote:

Originally Posted by BigRedRage

why didnt they? I have to believe since we pay microsoft and microsoft is the corporation they are that they have spent a good amount of money protecting this.

It's not like they have not tried. The only thing they have managed to accomplish was a denial of service attack some time back. XBOX Live was back up and running within a few hours.

mojorizen7 · May 5th, 2011, 02:30 PM

Quote:

Originally Posted by BigRedRage

why didnt they? I have to believe since we pay microsoft and microsoft is the corporation they are that they have spent a good amount of money protecting this.

I think this has merit...good point.

Still, i refuse to pay for an online gaming service after i've already:
1) Spent hundreds on the console
2) Spend $60 a pop for newly released games
3) Spend money for DLC
4) And the biggest reason.....i'm already spending monthly for internet service in general.

Paying to play online is ignorant.

DarenG · May 5th, 2011, 05:10 PM

Wow... new details being released:

.......security experts discovered discussions on forums that talked about how the PSN's security was lacking. He said that the threads revealed that the network was using old versions of the Apache Web server software, which "was unpatched and had no firewall installed."

it's inexcusable that Sony not only ran obsolete software on servers containing confidential data, but also that the company continued to do so after this information was publicly disclosed," said Consumer Reports technology editor Jeff Fox.

BigRedRage · May 6th, 2011, 05:42 AM

Quote:

Originally Posted by mojorizen7

I think this has merit...good point.

Still, i refuse to pay for an online gaming service after i've already:
1) Spent hundreds on the console
2) Spend $60 a pop for newly released games
3) Spend money for DLC
4) And the biggest reason.....i'm already spending monthly for internet service in general.

Paying to play online is ignorant.

I happily pay for the service and find it far superior to other services and well worth my money. If you time it right you end up paying 50% of the actually yearly bill too. To keep my servers up always, have lag free everything and one central server, constant upgrades and smooth working everything I am all for it.

Even if I pay 50 bucks, thats less than 5 bucks a month, Id pay more.

The real scam is EA charging per game to play online.

Cardinals.Ken · May 6th, 2011, 07:32 AM

Here's something new, details on the credit-monitoring aspect of Sony's "make good" promises:

Sony Offering Free ‘AllClear ID Plus’ Identity Theft Protection in the United States through Debix, Inc.

DarenG · May 6th, 2011, 09:20 AM

Quote:

Originally Posted by Cardinals.Ken

Here's something new, details on the credit-monitoring aspect of Sony's "make good" promises:

Sony Offering Free ‘AllClear ID Plus’ Identity Theft Protection in the United States through Debix, Inc.

The part of about it that is a joke is "identity restoration specialists." What they don't tell you is that this process to "restore" your identity can take years. My brother had this protection service, had his ID stolen and 1 and 1/2 years later is still trying to get things straightened out.

A friend of his that had his information compromised at the same time had a different ID protection service and is in the exact same boat.

Cardinals.Ken · May 6th, 2011, 12:07 PM

Sony subpoenaed by New York AG