Sony hacked again : Othor Games

» Wed Oct 12, 2011 11:44 pm

http://techcrunch.com/2011/10/12/sony-reports-massive-hack-attempt-on-networks-93000-accounts-affected-globally/

Details are scarce at this point, but a Sony spokesman is quoted as saying that his company observed attempts to hack into 35,000 accounts in the US and another 24,000 in Europe between October 7 and 10. Again, Sony is claiming that “if you have a credit card associated with your account, your credit card number is not at risk.”.

» Wed Oct 12, 2011 8:14 pm

And Just when I began trusting them with my Credit Card again.. :cold:

» Thu Oct 13, 2011 5:00 am

Again already? And here I was about to cave in and grab a PS3 (never owned a Playstation before and figured why not), but this is pretty crazy.

http://blog.us.playstation.com/author/preitinger/
An Important Message From Sony’s Chief Information Security Officer

Spoiler

+ Posted by Philip Reitinger // SVP & Chief Information Security Officer, Sony Group

We want to let you know that we have detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment (“Networks”) services to test a massive set of sign-in IDs and passwords against our network database. These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.

Less than one tenth of one percent (0.1%) of our PSN, SEN and SOE audience may have been affected. There were approximately 93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts’ valid sign-in IDs and passwords, and we have temporarily locked these accounts. Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorized access, and will provide more updates as we have them. Please note, if you have a credit card associated with your account, your credit card number is not at risk. We will work with any users whom we confirm have had unauthorized purchases made to restore amounts in the PSN/SEN or SOE wallet.

As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt. If you are in the small group of PSN/SEN users who may have been affected, you will receive an email from us at the address associated with your account that will prompt you to reset your password.

Similarly, the SOE accounts that were matched have been temporarily turned off. If you are among the small group of affected SOE customers, you will receive an email from us at the address associated with your account that will advise you on next steps in order to validate your account credentials and have your account turned back on.

We want to take this opportunity to remind our consumers about the increasingly common threat of fraudulent activity online, as well as the importance of having a strong password and having a username/password combination that is not associated with other online services or sites. We encourage you to choose unique, hard-to-guess passwords and always look for unusual activity in your account.

» Thu Oct 13, 2011 6:31 am

Oh dear, here we go again...

» Thu Oct 13, 2011 3:15 am

Again already? And here I was about to cave in and grab a PS3 (never owned a Playstation before and figured why not), but this is pretty crazy.

http://blog.us.playstation.com/author/preitinger/
An Important Message From Sony’s Chief Information Security Officer

Spoiler

+ Posted by Philip Reitinger // SVP & Chief Information Security Officer, Sony Group

We want to let you know that we have detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment (“Networks”) services to test a massive set of sign-in IDs and passwords against our network database. These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.

Less than one tenth of one percent (0.1%) of our PSN, SEN and SOE audience may have been affected. There were approximately 93,000 accounts globally (PSN/SEN: approximately 60,000 accounts; SOE: approximately 33,000) where the attempts succeeded in verifying those accounts’ valid sign-in IDs and passwords, and we have temporarily locked these accounts. Only a small fraction of these 93,000 accounts showed additional activity prior to being locked. We are currently reviewing those accounts for unauthorized access, and will provide more updates as we have them. Please note, if you have a credit card associated with your account, your credit card number is not at risk. We will work with any users whom we confirm have had unauthorized purchases made to restore amounts in the PSN/SEN or SOE wallet.

As a preventative measure, we are requiring secure password resets for those PSN/SEN accounts that had both a sign-in ID and password match through this attempt. If you are in the small group of PSN/SEN users who may have been affected, you will receive an email from us at the address associated with your account that will prompt you to reset your password.

Similarly, the SOE accounts that were matched have been temporarily turned off. If you are among the small group of affected SOE customers, you will receive an email from us at the address associated with your account that will advise you on next steps in order to validate your account credentials and have your account turned back on.

We want to take this opportunity to remind our consumers about the increasingly common threat of fraudulent activity online, as well as the importance of having a strong password and having a username/password combination that is not associated with other online services or sites. We encourage you to choose unique, hard-to-guess passwords and always look for unusual activity in your account.

Get a PS2

And :ahhh:

» Thu Oct 13, 2011 12:01 pm

X box 360 here I come... *sigh*

» Wed Oct 12, 2011 10:42 pm

Whoops!

» Wed Oct 12, 2011 11:17 pm

Generally I'd use this as an excuse to gloat about my 360, but to be honest this just svcks for the whole gaming industry, not just Playstation users. Surely they must've bumped up their security measures after last time?

» Thu Oct 13, 2011 12:11 pm

Generally I'd use this as an excuse to gloat about my 360, but to be honest this just svcks for the whole gaming industry, not just Playstation users. Surely they must've bumped up their security measures after last time?

They did, the hackers didn't get any credit card details this time.

» Wed Oct 12, 2011 11:20 pm

Internet is nothing but trouble. Only online DRMs, DLCs and identity thefts

And i hope they atleast learned to encrypt some of the sensitive data after last time :lmao:

» Thu Oct 13, 2011 1:50 am

Things like this make me glad I only use pre-paid PSN Cards for PSN, I'm to paranoid to do anything like online shopping >_>

» Thu Oct 13, 2011 12:43 am

Well this svcks, I've never tried a PS3 and was thinking of buying one for my son.

» Thu Oct 13, 2011 3:30 am

Good. Microsoft should lower their fees again

» Thu Oct 13, 2011 12:43 am

Wow... That didn't take too long, did it?

Seems stuff was better protected than last time, at least.

» Thu Oct 13, 2011 7:38 am

Only 93000 users this time, thank goodness.

» Thu Oct 13, 2011 6:24 am

http://kotaku.com/5848894/somebodys-trying-to-break-into-your-psn-accountagain

As someone else said in the comment section of that article :

This is not actually a breach of Sony's security at all, if you read the article.

Attackers got a hold of people's usernames/passwords from somewhere else (i.e. not Sony), and decided to try those combinations on PSN. This is exactly why it's a bad idea to use the same username/password combination for multiple services.

Of course, every "journalist" falls for sensationalist mode and mangles the truth beyond recognition nowadays :/

» Thu Oct 13, 2011 2:59 am

http://kotaku.com/5848894/somebodys-trying-to-break-into-your-psn-accountagain

As someone else said in the comment section of that article :

Of course, every "journalist" falls for sensationalist mode and mangles the truth beyond recognition nowadays :/

Probably a bunch of What If's in there.

» Thu Oct 13, 2011 8:27 am

I'm sorry, just :rofl:

» Thu Oct 13, 2011 3:37 am

Here's from the mouth of Sony itself :

We want to let you know that we have detected attempts on Sony Entertainment Network, PlayStation Network and Sony Online Entertainment (“Networks”) services to test a massive set of sign-in IDs and passwords against our network database. These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources. In this case, given that the data tested against our network consisted of sign-in ID-password pairs, and that the overwhelming majority of the pairs resulted in failed matching attempts, it is likely the data came from another source and not from our Networks. We have taken steps to mitigate the activity.

From http://blog.eu.playstation.com/2011/10/12/an-important-message-from-sonys-chief-information-security-officer/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+SCEEBlog+%28blog.eu.playstation.com%29&utm_content=Google+Reader

» Thu Oct 13, 2011 2:04 am

:gun: :flame: :facepalm: :shakehead: :banghead: :brokencomputer:

Good job I don't have a credit card linked to my PSN account.

» Thu Oct 13, 2011 6:26 am

Ugh, hopefully this doesn't affect too much but I guess its another reason to laugh at my friend who's a big fan boy of Playstation.

» Wed Oct 12, 2011 11:56 pm

Well this svcks, I've never tried a PS3 and was thinking of buying one for my son.

It's not really a big issue, to me at least. You can play a PS3 with games bought on disk, without ever having any account issues or having to put personal or credit card info into the system. And even if you DO want to buy something from their online shop, instead of putting your CC info into an account, you can drive to Gamestop and buy a giftcard that you can enter into your account to give it a bit of $$ to spend.

(I may do that soon.... grab a $20 card, then use it immediately to buy a few old PS1 RPGs for $6 each.)

So, unless your son either wants to do lots of online purchasing, or is irresponsible/young enough that he'd steal your credit card and use it to run up alot of charges, this shouldn't have a big effect on your decision. :shrug:

------
(meanwhile, hackers are constantly trying to hack into anything that stands out. The instant Sony said "okay, we've improved our security since that last hack", it sounded the dinner bell for people to try harder. It's really a no-win situation for companies.)

» Thu Oct 13, 2011 5:22 am

Of course, every "journalist" falls for sensationalist mode and mangles the truth beyond recognition nowadays :/

That and forum users, judging by how few of the replies actually read the article/info.

» Wed Oct 12, 2011 9:26 pm

Ugh, hopefully this doesn't affect too much but I guess its another reason to laugh at my friend who's a big fan boy of Playstation.

not really, it's just people using information floating on the internet to see if they can login to anyone's account, it could have even come from the list from lulzsec

there was no security breach, just idiots thinking they can brute force hack by using passwords and usernames from a list

attempts to hack into 35,000 accounts in the US and another 24,000 in Europe

this part was a dead give away that sony wasn't hacked

» Wed Oct 12, 2011 10:30 pm

not really, it's just people using information floating on the internet to see if they can login to anyone's account, it could have even come from the list from lulzsec

there was no security breach, just idiots thinking they can brute force hack by using passwords and usernames from a list

this part was a dead give away that sony wasn't hacked

Okay... so what's your point. I get that nothing really has come of it so far but it's still a nice reason to laugh at my friend.