I have not seen a thread talking about this, so here is it for those that don't know it if any, as it's an important issue if you have your credit card data into PSN for games, etc purchases.

Here is the latest update and FAQ by Sony:


Q.1 When did you realise the system had been intruded?

We discovered between April 17 and April 19 there was an illegal and unauthorized intrusion into our network.

Q.2 How did you know that the system was intruded?

We watch for any issues that may be raised with respect to security and monitor for such issues both internally and externally.

Q.3 What is the main reason to this problem? Which parts of the system were vulnerable to the intrusion?

We are currently conducting a thorough investigation of the situation. Since this is an overall security related issue, we will not comment further on this case.

Q.4 What action did you take (are you taking)? Is there any possibility of further unauthorized access?

As soon as we learned of this issue, 1) we temporarily turned off PlayStation Network and Qriocity services in order to conduct a thorough investigation and to verify the smooth and secure operation of our network services, 2) we have also engaged an outside, recognized security firm to conduct a full and complete investigation into what happened, and 3) quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

Q.5 How many were affected? How many per each region? What is the latest status of PlayStation Network registered account/ operating countries.

Our investigation indicates that all PlayStation Network/ Qriocity accounts may have been affected.

Q.6 Does that mean all users’ information was compromised? Tell us more in details of what personal information leaked.

In terms of possibility, yes. We believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity password, login, password security answers, and handle/PSN online ID. It is also possible that your profile data may have been obtained, including purchase history and billing address (city, state/province, zip or postal code). If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. If you have provided your credit card data through PlayStation Network or Qriocity, it is possible that your credit card number (excluding security code) and expiration date may also have been obtained.

Q.7 Have you notified those users?

We are sending out e-mails directly to these users to their e-mail address registered on the PS Network accounts. Also, we have posted web notices, and additional necessary procedures have been followed by each region.

Q.8 Have you received reports or claims that their PSN ID information/ credit card had been used improperly?

Not at this point in time.

Q.9 I want to know if my account has been affected.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit reports. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other unrelated services or accounts, we strongly recommend that you change them. When the PlayStation Network and Qriocity services are back on line, we also strongly recommend that you log on to change your password.
For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.

Q.10 What should I do to prevent any unauthorized use of my (credit card) personal information?

For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other unrelated services or accounts, we strongly recommend that you change them. When the PlayStation Network and Qriocity services are back on line, we also strongly recommend that you log on to change your password.
To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit reports.

Q.11 Since when have PSN/Qriocity become unavailable and in which region?

PSN/Qriocity services have not been available since April 20 (US time) in all regions.

Q.12 How come it is taking so much time to resume the service?

We are taking the investigation seriously. We decided to keep the service down to allow us to conduct a thorough investigation and verify smooth operation of our network services.

Q.13 How serious is this? Have the hackers broken the security on PSN/Qriocity? Are you taking necessary measures to prevent such outage happening in the future?

Since this is an overall security related issue, we will not comment further on this case but we are working to restore and maintain the services, including countermeasures against future intrusions.

Q.14 When will the service resume?

We are taking the investigation seriously. We will keep the service down to allow us to conduct a thorough investigation and verify smooth operation of our network services but are working hard to resume the services as soon as we can be reasonably assured security concerns are addressed.

Q.15 Seems like SOE service was also not available/ suffering outage. Is this true? Is this due to the same reason as the PSN/Qriocity outage?

SOE's service is available although a service interruption due to an external attack did occur. A thorough investigation is ongoing.

Q.16 I want my money back (subscription fee, content) since the PSN/Qriocity was not available.

When the full services are restored and the length of the outage is known, we will assess the correct course of action.

Q.17 There seems to be some games that cannot be played even offline?

Depending on the game titles, but mainly PSN games, some may require access to PSN for trophy sync, security check, etc.

It's in the Video Games thread at 2011 Video Games Thread - Front Office Football Central (http://www.operationsports.com/fofc/showthread.php?t=80240)

but not in any great detail

I was wondering why my PSN login was acting weird the past few weeks. I keep myself logged in for things like Netflix and the Netflix app has been telling me I am not logged into PSN since around that time period. I then go to PSN login, try to login again, and it does nothing really. Then I go back to Netflix and it barks at me again but hitting cancel (or circle) allows me to browse and watch movies.

Glad FOFC was there to notify me of this type of shit...PSN dam sure didn't. Also glad I never input my CC to those idiots.

Glad FOFC was there to notify me of this type of shit...PSN dam sure didn't. Also glad I never input my CC to those idiots.

+1

Although I did see something about it somewhere else on the web a few days ago. But certainly not from PSN/Sony. Fuckwads.

+1

Although I did see something about it somewhere else on the web a few days ago. But certainly not from PSN/Sony. Fuckwads.

I actually got an e-mail last night. But it's definitely overdue. Should have been sent much sooner. I went ahead and called the credit card company and put a fraud alert on my card just in case.

I actually got an e-mail last night. But it's definitely overdue. Should have been sent much sooner. I went ahead and called the credit card company and put a fraud alert on my card just in case.

I probably got one too...I just used a @yahoo.com email that I never check as my sign-in email.

In the biggest Spanish consoles forum, there are some reports with screenshoots of fraudulent uses of their credit cards already, mainly payments attempts in online shops (up to $600) and in Netflix, so take a look at your cc statements just in case yours have been used too.

they ought to buy a years worth of protection for everyone (short Sony)

I never heard of this until last night when one of my friends mentioned it. Yup, Sony, you dropped the ball big time on this without making sure notifications went out via email to everyone. Since you obviously had them, knew over a WEEK ago, yet, still nothing from you. Since I downloaded the map packs for Black Ops on there, now I have to call my bank to make sure that nothing has been compromised. Sure would have been nice to know this not long after you guys found out about it.

I haven't received an email, and my CC was saved there. Fantastic. Just checked my card, and there aren't any fraud purchases, but I'll let them know anyway.

I haven't received an email, and my CC was saved there. Fantastic. Just checked my card, and there aren't any fraud purchases, but I'll let them know anyway.


Just no excuse in the world to not notify you ASAP.....

From the Sony email...

- We have also provided names and contact information for the three major U.S.
credit bureaus below. At no charge, U.S. residents can have these credit bureaus
place a "fraud alert" on your file that alerts creditors to take additional steps
to verify your identity prior to granting credit in your name. This service can
make it more difficult for someone to get credit in your name. Note, however,
that because it tells creditors to follow certain procedures to protect you,
it also may delay your ability to obtain credit while the agency verifies your
identity.

Ok, we bought rockband songs awhile back using a CC on PSN (not a 100% sure it is one we still have, it's been awhile). Anyone have any experience with what extra steps they take to verify your identity?

How big a pain is it trying to shop with a "fraud alert" card? Are you delayed every time you try to checkout?

Does this card become virtually useless to use for online shopping?

Is one better off just cancelling the card and getting a new one?

How does this affect something like going to buy a new car or any major purchase? Right now with my credit I can easily go buy a car and drive away no questions asked. Does this only change with them having to make a phone call or two?

Thanks.

From the Sony email...



Ok, we bought rockband songs awhile back using a CC on PSN (not a 100% sure it is one we still have, it's been awhile). Anyone have any experience with what extra steps they take to verify your identity?

How big a pain is it trying to shop with a "fraud alert" card? Are you delayed every time you try to checkout?

Does this card become virtually useless to use for online shopping?

Is one better off just cancelling the card and getting a new one?

How does this affect something like going to buy a new car or any major purchase? Right now with my credit I can easily go buy a car and drive away no questions asked. Does this only change with them having to make a phone call or two?

Thanks.

I believe it only comes into play if someone tried to obtain new credit. A new CC, finance something, things like that.

I believe it only comes into play if someone tried to obtain new credit. A new CC, finance something, things like that.

thanks.

Yeah I'd say trying to get a new CC is not a good idea right now.

U.S. Only for the fraud alert? Does Canada not have that? I was gonna call to put a fraud alert on so now I'm confused.

Just no excuse in the world to not notify you ASAP.....

There has got to be some legal ramification to not notifying as soon as you know there might have been a breach, right? How can you not let people know their cards have been compromised and not be liable for any bad shit that goes down in the meantime.

To be extra sure, you can call your credit card company and ask them to close out your account number and transfer everything to a new credit card number. I did this a while back when I lost a card while traveling.

I canceled my account awhile back, last year when they removed the "other OS" option from the bios. Now I get an email today about this. Apparently they did not delete my info.

Finally got the email just now... It'll be a pain, as I use that card for a lot of saved/auto things, but I suppose I can get a new one. The email says it's not certain card numbers were compromised; do we have any confirmation that they were? I think I used an incorrect b-day when I signed up for that thing, so the CC is the big concern.

I wonder if you only get an email if you stored a CC on file? I have never used a CC with them but still have not received an email mentioning this problem.

I wonder if you only get an email if you stored a CC on file? I have never used a CC with them but still have not received an email mentioning this problem.

I believe they have only sent emails to accounts whose information they believe have been compromised.

I believe they have only sent emails to accounts whose information they believe have been compromised.

Seems like they are just taking their time, I just got one this morning. To hell with numbers to call in credit alerts that inconvenience us, they should pay for a year of credit monitoring for those that may have been compromised.

To be extra sure, you can call your credit card company and ask them to close out your account number and transfer everything to a new credit card number. I did this a while back when I lost a card while traveling.

We called our CC company, been with them over 10 years, and they offered to do this without us even asking. Should have new cards in a few days.

Seems like they are just taking their time, I just got one this morning. To hell with numbers to call in credit alerts that inconvenience us, they should pay for a year of credit monitoring for those that may have been compromised.

Agreed. I am wondering what a hacker is missing to stop them from applying for credit using your name. Just a social security number? CC was a relatively easy fix as was changing any passwords, someone having info to be able to apply for credit is now my concern.

Still no email from them.

I got the email. And I'm as unimpressed with them today as I was when the news first broke.

Luckily I don't reuse passwords that get associated with credit cards.

/tk

Finally got my email this afternoon.

Finally got my email at 6:24pm. Somehow my view of them is not any different than before I received it.

Got mine a little before 6 last night. Gee Sony, sorry you had to go so far out of your way to inform everybody OVER a week after the incident. No apology either and yea, I know I can get a free credit report each year from the 3 major credit reporting bureaus, that's been the law for a few years now.

Update:

http://blog.us.playstation.com/2011/04/30/press-release-some-playstation-network-and-qriocity-services-to-be-available-this-week/

Everytime they post about Qriocity I really want to be all like, "what the fuck is Qriocity." I swear this almost seems like a publicity stunt in order to boost awareness of Qriocity or something. Just get PSN back running you stupid sony fucktards.

Everytime they post about Qriocity I really want to be all like, "what the fuck is Qriocity." I swear this almost seems like a publicity stunt in order to boost awareness of Qriocity or something. Just get PSN back running you stupid sony fucktards.

Same here. Every time I hear it, I think of Q-Link for the Commodore 64.

Two attempts to use my card last night at an online European hobby shop. My bank immediately flagged my card and blocked the purchases.

by you?

by you?

No, sorry for not being clear there. I went to buy something this morning and found out my card that was attached to my PSN account was locked. The reason was someone was trying to make some small purchases on the card.

EW YORK — Sony Corp. said Monday that hackers may have taken personal information from an additional 24.6 million user accounts after a review of the recent PlayStation Network breach found an intrusion at a division that makes multiplayer online games.

The data breach comes on top of the 77 million PlayStation accounts it has already said were jeopardized by a malicious intrusion.

The latest incident occurred April 16 and 17 — earlier than the PlayStation break-in, which occurred from April 17 to 19, Sony said.

About 23,400 financial records from an outdated 2007 database involving people outside the U.S. may have been stolen in the newly discovered breach, including 10,700 direct debit records of customers in Austria, Germany, the Netherlands and Spain, it said.

Sony says 25 million more accounts hacked *| ajc.com (http://www.ajc.com/business/sony-says-25-million-932697.html)

Two attempts to use my card last night at an online European hobby shop. My bank immediately flagged my card and blocked the purchases.

Was it a French women underwear shop? (no fun intended, i know two Spanish guys that had fraudulent purchases attempts in that shop for up to $600).

I canceled out my CC. Curious what information I had in the PS account though since I usually fudge a few things (like b-day).

We called our CC company, been with them over 10 years, and they offered to do this without us even asking. Should have new cards in a few days.



Agreed. I am wondering what a hacker is missing to stop them from applying for credit using your name. Just a social security number? CC was a relatively easy fix as was changing any passwords, someone having info to be able to apply for credit is now my concern.

I believe it's a little more complicated than that. Altough having your SS probably makes it a relatively short leap to get the remaining info needed if they really want to. You need things like residential history, employment history, and bank account information.

As incompetent and immoral as Sony has acted, you have to wonder how often this happens with companies not reporting it at all.

I think that going forward I will probably buy cards for most of these services and will use my debit card in fewer places.

Two attempts to use my card last night at an online European hobby shop. My bank immediately flagged my card and blocked the purchases.

Last year someone took my card number from somewhere (I was thinking it was "rubbed" at Jamba Juice) and used it to buy a $9.99 NeoPet.

Just from looking at the application form for a credit card at Citibank, it looks like all you need is:

Name
Address
Phone #
SSN
DOB

Just from looking at the application form for a credit card at Citibank, it looks like all you need is:

Name
Address
Phone #
SSN
DOB

Really? I've always had to supply employment information and income information, at minimum. I looked on on Citi's site and they ask for all of that.

I just called my bank to let them know that my debit card has been compromised since it was linked to my account and they basically told me that this is all a scam and that only my bank's fraud department can let me know if my card has been compromised. Really?

I got the number for someone higher up the pecking order but they are out to lunch. May be time for a new bank. I don't need people this thick headed handling my accounts and money.

Really? I've always had to supply employment information and income information, at minimum. I looked on on Citi's site and they ask for all of that.
You can just make all that up. Well at least you used to be able to. They'll give credit to almost anyone, especially since they can't lose money in the deal.

I just called my bank to let them know that my debit card has been compromised since it was linked to my account and they basically told me that this is all a scam and that only my bank's fraud department can let me know if my card has been compromised. Really?

I got the number for someone higher up the pecking order but they are out to lunch. May be time for a new bank. I don't need people this thick headed handling my accounts and money.

Interesting. What bank if you don't mind?

Really? I've always had to supply employment information and income information, at minimum. I looked on on Citi's site and they ask for all of that.

You can just make all that up. Well at least you used to be able to. They'll give credit to almost anyone, especially since they can't lose money in the deal.

RainMaker is correct. The employment information is not for verification. If you notice, on the Citi site, they are not requiring to provide your employer's name, address, or phone number. Just your general occupation and your income. They use that information for approval amount, research, and marketing.

I am one of those people that likes to challenge the DO NOT REPLY nature of these type of messages. I found this to be an interesting response. So I guess they won't be informing me when people steal my information again? Or did they just confirm the nature of their emails is to promote Qriocity? :)



-- Original Message --
Date: Wed, 4 May 2011 15:55:37 -0400
To: stevemax58
From: PSN SPAM ([email protected])
Subject: RE: Important information regarding PlayStation Network and Qriocity services

This is an automatically generated Status Notification.

Your email to PSN SPAM ([email protected])has been received and automatically processed. The email address you sent this message from, stevemax58 has been removed from all future mailings.

-- Original Message --
Date: Wed, 4 May 2011 15:55:37 -0400
To: PSN SPAM ([email protected])
From: stevemax58
Subject: RE: Important information regarding PlayStation Network and Qriocity services


Please stop screwing up & using this screwup as a way to promote some nonsense Qriocity.
Thanks in advance!!

Is the Playstation going to die? I don't know if they can get past this situation. It will be interesting to see some data over the next few months. I haven't used my 360 in a year probably, and now I'm going to switch my preorder of LA Noire over to it.

Looks like someone tried to hack into my yahoo account that I used for my Playstation Network login.

So has the US side of Sony offered free games to people like you get in Europe yet?

(2 Free PS-3 titles and 2 free PSP titles depending on which consoles you own - 4 in total if you own both)

I haven't seen anything other than 30 days free for their premium Playstation Network service.

What JK said.

Sony Networks Lacked Firewall, Ran Obsolete Software: Testimony - Security - News & Reviews - eWeek.com (http://www.eweek.com/c/a/Security/Sony-Networks-Lacked-Firewall-Ran-Obsolete-Software-Testimony-103450/)

Sony Networks Lacked Firewall, Ran Obsolete Software: Testimony - Security - News & Reviews - eWeek.com (http://www.eweek.com/c/a/Security/Sony-Networks-Lacked-Firewall-Ran-Obsolete-Software-Testimony-103450/)


Ummmm, wow. Just wow.

This whole thing is wow. And it's STILL down?

What a catastrophe. I'm not sure this is all getting enough press - I can't remember a corporate security meltdown of this scope. My netbook had better security than Sony.

What a catastrophe. I'm not sure this is all getting enough press - I can't remember a corporate security meltdown of this scope. My netbook had better security than Sony.

It's not, which is scary. My first reaction was there is no way PSN survives this (they also simply don't deserve to). But I think they'll up up and running and raking in the $$$ and everyone will forget all about it.

The current end date for getting everything back online apparently is the 31st:

Report: PlayStation Network Might Not Be Back Until May 31 | News & Opinion | PCMag.com (http://www.pcmag.com/article2/0,2817,2385082,00.asp)

Yes, three more weeks.

Looks like someone tried to hack into my yahoo account that I used for my Playstation Network login.

This is no good. What evidence have you seen that makes you think so?

This is no good. What evidence have you seen that makes you think so?

I couldn't log in to my account because of an incorrect password being attempted too many times and not because I was the one entering it wrong. Luckily for me, I used a different password to log into that account than I used for the Playstation account.

I had a similar thing with my PSN email account as well. I was locked out of it and had to do a password reset to get back in. Yay for throwaway hotmail accounts :)

I can't prove that it was because of what happened, but, seems awfully coincidental me.

I couldn't log in to my account because of an incorrect password being attempted too many times and not because I was the one entering it wrong. Luckily for me, I used a different password to log into that account than I used for the Playstation account.

Might be something with Yahoo. I had the same thing happen to me and I don't own a PS3 or a PSN account.

I signed up with Lastpass when it happened. Two days after I signed up, Lastpass got hacked. :(

I have a yahoo account that I've had since 99 or so and that one was fine. But who knows, yahoo does act funny sometimes.

I'm just glad I haven't found any of the PSN games or DLC to be worth buying so I never entered my credit card details on there. But missing out on on FIFA 11 online is annoying and the whole thing is an embarrassment.

I'm just glad I haven't found any of the PSN games or DLC to be worth buying so I never entered my credit card details on there. But missing out on on FIFA 11 online is annoying and the whole thing is an embarrassment.

+1

I have a PS3 and a 360 and the PS3 is basically just a Bluray player for me anymore. Not sure what it is, but I've just never been able to get into the PS3 outside of the Show and Uncharted. For non exclusive games I always go 360.

I should probably sell my PS3. The Show has sucked the last couple of years and that's really the only game I played on it. Don't watch much Blu-Ray either and I'll never use their online system again.

So has the US side of Sony offered free games to people like you get in Europe yet?

(2 Free PS-3 titles and 2 free PSP titles depending on which consoles you own - 4 in total if you own both)

Yes, they're offering the same when the PSN goes back online.

This is one of the few instances where I hope governments get involved. Sony downplayed how bad this was from the very beginning. There's probably going to be hundreds of millions lost (outside of Sony) in all of this from people getting new credit cards, banks printing new cards, banks losing money on fraudulent purchases, developers losing money on games, ect.

The two free PS3 games will be from a list of five, and the PSP games from a list of four.

Sony to offer free PS3 and PSP games | Stuff.co.nz (http://www.stuff.co.nz/technology/games/4979900/Sony-to-offer-free-PS3-and-PSP-games)

The two free PS3 games will be from a list of five, and the PSP games from a list of four.

Sony to offer free PS3 and PSP games | Stuff.co.nz (http://www.stuff.co.nz/technology/games/4979900/Sony-to-offer-free-PS3-and-PSP-games)

Isn't that for European PSN accounts, though? I don't think that's for US accounts.

Isn't that for European PSN accounts, though? I don't think that's for US accounts.

It's the same for every region. The only difference is the games offered will be different.

This is one of the few instances where I hope governments get involved. Sony downplayed how bad this was from the very beginning. There's probably going to be hundreds of millions lost (outside of Sony) in all of this from people getting new credit cards, banks printing new cards, banks losing money on fraudulent purchases, developers losing money on games, ect.

I'm not upset at the bank costs here. The banks could make identity theft harder, but it's cheaper for them to just pay the losses, so they just pay the losses.

What are your thoughts on how they can make it harder?

I've always preferred the Dual Shock controller, but crap like this definitely makes me more inclined to give my business to the 360. (I have both consoles.)

I have yet to get my email from Sony saying that I get any free games. The only email I got mentioned 30 days of free Premium online service.

What are your thoughts on how they can make it harder?

Stop sending me checks I can spend on my account in the mail all the time that are easy to be stolen and spent by someone else. I have to shred those things each time I get them.

Can the fiasco known as "Check 21". Go back to actually checking signatures on checks.

I'll start with those 2.

They could also start pressing charges against people who steal credit card numbers, although they have gotten better about it in the last few years.

I'm surprised Microsoft hasn't jumped all over this with a "trade your PS3 in for a $50 xbox or something similar.

And a second attempt to hack into my yahoo account that was associated with my Playstation account.

I can't believe what little press this is getting.

It's Wikipedia article states:

Credit card fraud

As of May 2011, there have been no verifiable reports of credit card fraud related to the PlayStation Network outage. There have been reports from the Internet that some PlayStation users have experienced credit card fraud,[74][75][76] however these reported fraud cases have yet to be linked to the incident. Users who have registered a credit card for use only with Sony have also reported credit card fraud.[77] Sony has claimed that the CVS codes requested by their services were not stored,[78] but it has been suggested that the hackers may have been able to decrypt or record credit card details whilst inside Sony's network.

The typical Wikifashion contradictory statement ... but I find it very hard to believe that of the millions of cards stolen, that none have been used in fraud ... and someone has been able to track all these millions of cardholders activities to report there hasn't been any fraud (seriously, how the hell would they know?).

I can't believe what little press this is getting.

Seriously. This is the largest security breech of personal data ... ever in the history of life.

And CNN wants to report on Lindsay Lohan and most hated celebs, Trump and Bristol Palin

Sony is a very large and powerful company.

I am downloading the new PSN update now...

Could it be??? IS it back?!!!

So I downloaded the update but I still can't log in. Thank you for teasing me once again, Sony.

http://i.imgur.com/PeFjc.jpg

Sony resumes limited PlayStation Network operation - Yahoo! News (http://news.yahoo.com/s/ap/20110515/ap_on_bi_ge/as_japan_sony_playstation)

TOKYO ***8211; Sony says it has begun restoring its PlayStation Network service in the United States and Europe. The service was shut down almost a month ago after a massive security breach.


Sony Computer Entertainment Inc. spokesman Satoshi Fukuoka says the company also began Sunday phased restoration of its Qriocity movie and music services.
Sony's PlayStation network is a system that links gamers worldwide in live play. Sony shut it down on April 20 after discovering the security breach affecting over 100 million online accounts.


The network serves both the PlayStation video game machines and Sony's Qriocity movie and music services. It is a system that also allows users to upgrade and download games and other content.

It feels good to finally play some online FIFA again.

PSN still down in Asia.
:(

I got the new update on both my PS3's but it is stil showing that psn is under maintenance. I read somewhere that after the update it is supposed to prompt you to change your password. No luck for me I guess.
So there is others online again?

I downloaded the PSN update last night and it prompted me to change my password, yes.

I have yet to get my email from Sony saying that I get any free games. The only email I got mentioned 30 days of free Premium online service.

Hey, I don't think I've even gotten THAT e-mail! Actually, I didn't even get an e-mail from Sony about why it was down.

And I know they have my correct e-mail address because I was able to use it to reset my password.

Eh, oh well.

Hey, I don't think I've even gotten THAT e-mail! Actually, I didn't even get an e-mail from Sony about why it was down.

And I know they have my correct e-mail address because I was able to use it to reset my password.

Eh, oh well.

Other than the email that said my account info was taken, I got nothing from Sony. It strikes me that they should send out an email easily taking you to a place to reset your password. So, how do I reset my PW? Turn on my PS3, download the update, and it will prompt me?

/tk

So, how do I reset my PW? Turn on my PS3, download the update, and it will prompt me?

Yes

Funny, when I downloaded the update yesterday it didn't prompt me to change password.

Funny, when I downloaded the update yesterday it didn't prompt me to change password.

Mine didn't either. However after reading this I turned on the ps3 and hit the psn sign in and then received the prompt.

Nice to have netflix functional again as the "have to be signed into psn to watch" workaround hasn't worked since Thursday or Friday.

Yeah, you hafta try to sign in to get prompted on the password change.

Kind of 'meh' for me at this point because I used the PSN store for demos and such far more than I ever used PSN itself, and that I have to wait on still.

Yeah, I wish the store was up. I finally got a Hulu Plus account so I wanted to download the app. At least I can watch MLB.tv and Netflix for now though.

Nice to have netflix functional again as the "have to be signed into psn to watch" workaround hasn't worked since Thursday or Friday.

Hmm...I've been able to use Netflix throughout. I just have to attempt to sign in, it tells me I cant (or whatever), and then press circle and Netflix is up. It usually has to be done once when I initially try to connect to Netflix, and then once again as Netflix loads (i.e. when I can see box art in the background).

May 16, 2011 07:00pm EST
4 Comments (http://www.pcmag.com/article2/0,2817,2385466,00.asp#disqus_thread)
Sony Unveils PlayStation Network 'Welcome Back' Package

http://common6.ziffdavisinternet.com/util_get_image/28/0,1468,i=288342,00.jpg (http://www.pcmag.com/author-bio/chloe-albanesius) By Chloe Albanesius (http://www.pcmag.com/author-bio/chloe-albanesius)

1digg (http://www.operationsports.com/fofc/) Share211 (http://www.facebook.com/sharer.php?u=http%3A%2F%2Fwww.pcmag.com%2Farticle2%2F0%2C2817%2C2385466%2C00.asp&t=Sony%20Unveils%20PlayStation%20Network%20%27Welcome%20Back%27%20Package%20%7C%20News%20%26%20Opinion%20%7C%20PCMag.com&src=sp)

http://common3.ziffdavisinternet.com/util_get_image/30/0,1468,i=300862,00.jpg When Sony started restoring its PlayStation network (http://www.pcmag.com/article2/0,2817,2385401,00.asp) this weekend, it promised a welcome-back consolation package for users who have been patiently waiting for its return since it went dark on April 20 (http://www.pcmag.com/article2/0,2817,2383924,00.asp).
This afternoon, the company provided some details on what returning users will receive, including free games, movie rentals, and virtual items.
"We developed the program as an expression of our gratitude for your patience, support and continued loyalty during the service outage. From all of us at PlayStation, thank you and welcome back!" Patrick Seybold, senior director of corporate communications and social media, wrote in a blog post (http://blog.us.playstation.com/2011/05/16/details-for-playstation-network-and-qriocity-customer-appreciation-program-in-north-america/). "This package will be made available to all existing registered PlayStation Network and Qriocity users in North America (US and Canada), and will be made available shortly after we have fully restored the service."
What do you get? All PlayStation Network customers can choose two of five PS3 games: Dead Nation; inFAMOUS; LittleBigPlanet; Super Stardust HD; or Wipeout HD + Fury. PSP owners can select two of four games: LittleBigPlanet; ModNation Racers; Pursuit Force; or Killzone Liberation. All games will be available for 30 days after the store is restored and can be kept forever.
Sony is also offering up a few other freebies, including:

A selection of free "On Us" movie rentals for PlayStation Network customers over the course of one weekend; movie titles will be announced soon.
Non-PlayStation subscribers will get a free, 30-day PlayStation Plus membership.
Existing PlayStation Plus members will get 30 extra days free.
Music Unlimited Premium/Basic subscribers will get free access for 30 days, plus time lost.
PlayStation Home will offer 100 virtual items. Sony promised more free content, including the next addition to the Home Mansion personal space, and Ooblag's Alien Casino, an exclusive game. More specific details about these offers and eligibility requirements will be posted as the services go live.
"You will be able to access the above content shortly after services are fully restored. We are doing everything we can to make that happen as soon as possible," Seybold wrote.

Sony Unveils PlayStation Network 'Welcome Back' Package | News & Opinion | PCMag.com (http://www.pcmag.com/article2/0,2817,2385466,00.asp)

Sony Unveils PlayStation Network 'Welcome Back' Package | News & Opinion | PCMag.com (http://www.pcmag.com/article2/0,2817,2385466,00.asp)

iNfamous and Little Big Planet are no-brainers if you don't have them already.

Wonder if accepting the package prohibits you from taking part in the inevitable class-action suit against Sony.

iNfamous and Little Big Planet are no-brainers if you don't have them already.

Yup, that's what I'm going with.

Hmm...I've been able to use Netflix throughout. I just have to attempt to sign in, it tells me I cant (or whatever), and then press circle and Netflix is up. It usually has to be done once when I initially try to connect to Netflix, and then once again as Netflix loads (i.e. when I can see box art in the background).

Yeah, that worked for me 'til about last Thursday or Friday, then it stopped. From then until psn was turned back on I could try to sign in, hit circle, go back to the box art, and even click on the show I wanted to watch. Then as the red bar started to fill I would be kicked back to the psn sign in screen. Sign in again, rinse repeat, and be back to the sign in screen. After doing it a few times I would even get to a pop-up that said something like "You're having trouble connecting to the PSN. Please try again later."

When that started I figured it could be from them getting ready to restart psn and taking away the workaround, who knows? Anyway working fine now with psn back up and running.

I'm not into Little Big Planet and have already played inFamous. Guess I'll just get Dead Nation. The others don't look like my cup of tea so maybe I'll just grab inFamous again and play through it if I'm bored.

Wonder if accepting the package prohibits you from taking part in the inevitable class-action suit against Sony.

Almost certainly going to be terms and conditions involved, and accepting the games will be tantamount to an opt-out, I'd think.

I already have Little Big Planet (came with my PS3, IIRC) so inFAMOUS and Dead Planet look like my picks.

Awesome.

Report: Sony PlayStation Network Password Reset Page Exploited, Customer Accounts Potentially Compromised - Kotaku (http://kotaku.com/5803050/sony-playstation-network-password-reset-page-exploited-customer-accounts-potentially-compromised)



Full size (http://cache.gawkerassets.com/assets/images/9/2011/05/psn_hack_splash_again.jpg)
http://fastcache.gawkerassets.com/assets/images/9/2011/05/xlarge_psn_hack_splash_again.jpg

it only does offline (http://kotaku.com/itonlydoesoffline/)

Report: Sony PlayStation Network Password Reset Page Exploited, Customer Accounts Potentially Compromised



http://cache.gawkerassets.com/assets/images/commenter/40000/45572_32.jpg (http://kotaku.com/people/joeljohnson/) Joel Johnson (http://kotaku.com/people/joeljohnson/) ***8212; According to reports on Nyleveia.com (http://sony.nyleveia.com/2011/05/17/warning-all-psn-users-your-accounts-are-still-not-safe/), Eurogamer (http://www.eurogamer.net/articles/2011-05-18-sonys-psn-password-page-hacked), and NeoGAF (http://www.neogaf.com/forum/showthread.php?t=430574), Sony's PlayStation Network password reset system-the one just put in place after the PSN hack-has been compromised, allowing hackers to change a PSN password if they know your email and date of birth. Exactly the sort of information that was released in the original hack.
Sony has taken the password reset system offline. Kotaku has reached out to Sony for comment.

LOL. In other news Sony was blazing fast in letting you know people had your credit card and other personal info. So shut the fuck up already.

http://ca.reuters.com/article/technologyNews/idCATRE74G41G20110517

Seems like maybe a good time to pick up a PS3 on ebay...

It bears repeating that one of the most foolish moves by Sony during this generation was to pull support of the Linux system. Tech geeks that pull these kinds of stunts are often far more interested in embarrassing companies who try to keep people from hacking their system than they are getting personal information. The PS3 had zero issues while Linux was an option and the techies loved the ability to play with the system. As soon as they yanked the support of Linux, there were people literally the next day trying to find a way to hack the operating system and database.

I have to LOL at the notion (referenced in the article) that suing some prick was "heavy-handed". Considering the stakes, these sacks of shit are very lucky they aren't regular victims of "brake failure" and other unfortunate "accidents".

Seems like maybe a good time to pick up a PS3 on ebay...

Need a doorstop?

Wow. Just wow.

I have to LOL at the notion (referenced in the article) that suing some prick was "heavy-handed". Considering the stakes, these sacks of shit are very lucky they aren't regular victims of "brake failure" and other unfortunate "accidents".

Sony should have been trying to hire the guy, not sue him. Put him on the payroll and ensure he can't be behind shit like this and maybe with him on their side he could have prevented this and further issues.

Sony should have been trying to hire the guy, not sue him. Put him on the payroll and ensure he can't be behind shit like this and maybe with him on their side he could have prevented this and further issues.

Oh yeah, that would have stopped this community of vermin ... until the next guy wanted to get on the payroll too.

Oh yeah, that would have stopped this community of vermin ... until the next guy wanted to get on the payroll too.

And what would be so wrong with that? These guys are obviously brighter than the guys Sony is currently paying to secure their stuff, check that, our stuff...why not hire the best?

How much cash is Sony going to be out after this is finally cleaned up? Several billion?

Yeah, I think they could have afforded a few golden handshakes with a couple hundred kids and maybe some of these kids realize that using their "powers" for good instead of evil is the right thing to do.

Do I like that hackers and the like exist? Fuck, no. But they do and always will so maybe playing nice with them would've worked a little better than the alternative.

I have to LOL at the notion (referenced in the article) that suing some prick was "heavy-handed". Considering the stakes, these sacks of shit are very lucky they aren't regular victims of "brake failure" and other unfortunate "accidents".

Well, on one hand, I couldn't agree with you more.

On the other, if Sony wants to take the heavy handed stance, they should maybe have a little bit better computer security than that of a small child. You walk up to a gang member and tell him to F-Off and then have no response when he calls over his friends and they start to beat you, you kinda have to take a little bit of the responsibility for it.

I don't have a problem with the lawsuit. I do have a problem with the Sony network security division.

I don't have a problem with the lawsuit. I do have a problem with the Sony network security division.

If that division is anything like the banking industry, they'll get some pretty nice bonuses soon. ;)

And what would be so wrong with that?

Philosophically you avoid rewarding criminals, you eliminate them.

And what would be so wrong with that? These guys are obviously brighter than the guys Sony is currently paying to secure their stuff, check that, our stuff...why not hire the best?


It's way, WAY easier to break in than it is to keep someone out.

So no, that's not necessarily true. Besides, it's likely a management issue. Not a skilled engineer issue.

Philosophically you avoid rewarding criminals, you eliminate them.

And how do you suppose we eliminate hackers?

IMO, shutting down the internet entirely is the only way to do it...any takers?

It's way, WAY easier to break in than it is to keep someone out.

So no, that's not necessarily true. Besides, it's likely a management issue. Not a skilled engineer issue.

Oh, I know that all too well...that's why a little "honey" likely goes a long way when it comes to crap like this.

A pissed off sysadmin is far more dangerous than any hacker, IMHO.

Not a huge fan of hackers, but if you're a company the size of Sony and commit yourself to delivering services online, not doing due diligence (at least equivalent to what all the other major players are doing) to protect your clients' data should almost qualify as an equally criminal offense.

If they tell me they're going to prosecute me as a customer if I steal their digital content or share it inappropriately, where's my right/ability to prosecute them for sharing my private data inappropriately and subjecting me to risk?

I get Sony's "How dare you hack us!!!" outrage, but it comes off as pretty lame when their answer to my "How dare you not take appropriate steps to preserve the data you collected from me" is to hand me some free (crappy) games and tell me to shut the fuck up. In that context, I'm a big fan of some vigilante hackers giving Sony complete and utter hell until they completely revamp their security protocols and get people in there to watch over the operation who know what they're doing.

If they tell me they're going to prosecute me as a customer if I steal their digital content or share it inappropriately, where's my right/ability to prosecute them for sharing my private data inappropriately and subjecting me to risk?



There's nothing stopping you from suing them, but you'd have to show more than that they "subjected you to risk". If you could show actual damages you might have a good case. You could sue them in small claims court tomorrow and a flunky there would probably offer a small, quick settlement in exchange for a promise that you wouldn't do business with them anymore. People do this all the time, though corporations don't necessarily want you to know about it.

Oh, I know that all too well...that's why a little "honey" likely goes a long way when it comes to crap like this.

A pissed off sysadmin is far more dangerous than any hacker, IMHO.

That's really what it is. Hiring doesn't help anything directly, but hopefully pacifies the community somewhat to not target them as viciously. But how far do you take it, you don't want to encourage the action.

And while I understand where Jon's coming from(he's consistent like that). Elimination is ideal, but not realistic.

Someone should probably change the thread title to add "AGAIN" in case others aren't aware.

And while I understand where Jon's coming from(he's consistent like that). Elimination is ideal, but not realistic.

I like the "send 'em to jail with the promise of a job as soon as they get released" approach. They should pay for the crime, but no reason not to take them on after they've paid their dues.

There's nothing stopping you from suing them, but you'd have to show more than that they "subjected you to risk". If you could show actual damages you might have a good case. You could sue them in small claims court tomorrow and a flunky there would probably offer a small, quick settlement in exchange for a promise that you wouldn't do business with them anymore. People do this all the time, though corporations don't necessarily want you to know about it.

Yeah. Doesn't have quite the same life-altering impact as Sony suing me for a million bucks for uploading a cracked copy of one of their games to a torrent network, does it? (I'm intentionally lumping them in with the RIAA stuff here. I don't actually know what Sony's track record is with this sort of thing.)

All I'm saying is that because of their size, they have the power to impact me for subjecting them to "unacceptable risk of loss" than I have to impact them. That's an inequitable power relationship...which is fine when they're accepting the responsibility for holding all of the power and doing their fucking jobs to protect me as a customer.

When they fail, whining to me about how unfair it is and how big, bad hackers are pushing them around falls flat.

Again, I want to stress here that I'm not "on the side of" the hackers here. I'm on *my* side as a consumer, and since I take the existence of hackers as a given, if a big corporation wants to do business with me and hackers can expose them as a bunch of worthless choads, then more power to them. God knows we have enough problem with keeping big corporations honest as it is.

There's nothing stopping you from suing them, but you'd have to show more than that they "subjected you to risk". If you could show actual damages you might have a good case. You could sue them in small claims court tomorrow and a flunky there would probably offer a small, quick settlement in exchange for a promise that you wouldn't do business with them anymore. People do this all the time, though corporations don't necessarily want you to know about it.

Yeah. Doesn't have quite the same life-altering impact as Sony suing me for a million bucks for uploading a cracked copy of one of their games to a torrent network, does it? (I'm intentionally lumping them in with the RIAA stuff here. I don't actually know what Sony's track record is with this sort of thing.)

All I'm saying is that because of their size, they have the power to impact me for subjecting them to "unacceptable risk of loss" than I have to impact them. That's an inequitable power relationship...which is fine when they're accepting the responsibility for holding all of the power and doing their fucking jobs to protect me as a customer.

When they fail, whining to me about how unfair it is and how big, bad hackers are pushing them around falls flat.

Again, I want to stress here that I'm not "on the side of" the hackers here. I'm on *my* side as a consumer, and since I take the existence of hackers as a given, if a big corporation wants to do business with me and hackers can expose them as a bunch of worthless choads, then more power to them. God knows we have enough problem with keeping big corporations honest as it is.

I like the "send 'em to jail with the promise of a job as soon as they get released" approach. They should pay for the crime, but no reason not to take them on after they've paid their dues.
Well other than the fact they may(probably do) have some character problems that will manifest themselves in countless ways or have a negative effect on culture. Not sure how sitting at home pounding Dews, breaking laws, gorging on Doritos and slamming IRC will transfer well to a corporate and team oriented position at a global powerhouse.

Well other than the fact they may(probably do) have some character problems that will manifest themselves in countless ways or have a negative effect on culture. Not sure how sitting at home pounding Dews, breaking laws, gorging on Doritos and slamming IRC will transfer well to a corporate and team oriented position at a global powerhouse.

Well, all the folks on this board stealing music and video games seem to be doing okay...

Yeah. Not even remotely a legitimate comparison.

Well other than the fact they may(probably do) have some character problems that will manifest themselves in countless ways or have a negative effect on culture. Not sure how sitting at home pounding Dews, breaking laws, gorging on Doritos and slamming IRC will transfer well to a corporate and team oriented position at a global powerhouse.

Well, you don't give them free run of the place, but the federal government and vegas casinos use these kinds of people as paid consultants all the time. That doesn't mean them put them in charge of the safe and the money operations.

You hire them, don't put them in touch with anything remotely sensitive, keep them out of the loop, pay them well to keep them quiet and run the PR parade. This works for the first couple, then the PR effect is lost and nothing is really gained beyond rewarding someone not deserving of one.

http://i95.photobucket.com/albums/l146/mon_montrose/jm/SonyIsntGoodWithComputers.gif

http://i95.photobucket.com/albums/l146/mon_montrose/jm/SonyIsntGoodWithComputers.gif

YES!!!

That's fantastic.

Someone in the Dominican Republic was going on a spending spree with our Visa card the other day. The card company caught it, so we're clear. We don't have a PS3 or any other Sony products, but I think I'm blaming it on the PSN hack anyway.

Yeah. Not even remotely a legitimate comparison.

It's at least as good as your broad sweeping generalization based on Hollywood fantasy.

No I think my generalization is pretty accurate.

Just received a we want you to reset your password and you get 45 free days of gametime for SOE.

I haven't played a SOE game for years. I might look into it...but I don't know if I trust Sony with any data.

PlayStation Store Aiming To Return Next Tuesday | PlayStation LifeStyle (http://playstationlifestyle.net/2011/05/19/playstation-store-aiming-to-return-next-tuesday/)

Store supposed to go back up on Tuesday.

See You Next Tuesday.

Welcome to Sony Tuesdays!

"Sony reports 2nd breach; 8,500 user accounts compromised.

Sony on Tuesday reported another security breach, saying 8,500 user accounts had been compromised.

The company said that Sony Music Entertainment Greece learned about the data breach late Sunday. It affected artist websites where fans can sign up for newsletters."


hxxp://www.cnn.com/2011/TECH/gaming.gadgets/05/24/sony.security.breach/index.html?hpt=T2

Sony is becoming the Jar Jar Binks of internet security.

At some point maybe they should just call it quits with the whole online thing.

Welcome to Sony Wednesdays!

http://technology.inquirer.net/751/sony-ericssons-canada-site-hacked/

Sony Ericsson***39;s Canada site hacked: company - Yahoo! News (http://news.yahoo.com/s/afp/20110525/tc_afp/japancanadaitinternetsony)

Sony is becoming the Jar Jar Binks of internet security.

:D

Can we get another again in the thread title.

Oh, Sony ...

Did I seriously just get this e-mail? I haven't had any issues thus far, but I'm going to trust a premium partner of Sony for identity theft? That's rich.

AllClear ID powered by Debix

Identity Theft Protection Offer for PlayStation®Network and Qriocity™ Customers

Sony Computer Entertainment and Sony Network Entertainment have made arrangements with Debix to offer AllClear ID PLUS to eligible PlayStation®Network and Qriocity account holders in the United States who are concerned about identity theft.

AllClear ID PLUS is a premium identity protection service that uses advanced technology to deliver alerts to help protect you from identity theft. The service also provides identity theft insurance coverage and hands-on help from expert fraud investigators.

Sony has arranged, at no charge to eligible PlayStation®Network and Qriocity account holders, for twelve months of this service to be provided by Debix to those who choose to enroll. In order to be eligible, account holders must be residents of the United States with active accounts as of April 20, 2011.

If interested, please submit your email address by June 28, 2011, at 11:59:59 PM CST at: us.playstation.com/news/consumeralerts/identity-theft-protection.

Please note, you must enter the same email address used to register your PlayStation®Network or Qriocity account. Once your email address is validated, you will be sent your AllClear ID PLUS activation code.

Sincerely,

Sony Computer Entertainment & Sony Network Entertainment

That's odd. What's the catch?

That's odd. What's the catch?

I'm guessing there's an annual auto-renewal hidden in there somewhere. Just a guess.

I'm guessing there's an annual auto-renewal hidden in there somewhere. Just a guess.

Before I finished reading, I thought it was a sales pitch to buy it. After reading it I'd be certain you get locked into a 2 year deal where the 1st year is free and you have to pay for the 2nd, or at the minimum what you said.

I'll take it for free for 12 months, but only if I can be sure to see the auto-renew and opt my ass out of it right away.

Did I seriously just get this e-mail? I haven't had any issues thus far, but I'm going to trust a premium partner of Sony for identity theft? That's rich.

I am surprised you had not heard about this before. There have been reports of Sony offering ID theft protection for a few weeks.

This was always something Sony was going to need to offer customers after the security breach.

I just caught 4 purchases totaling $250 made in west Texas and Arizona on my card that was associated with the account. Luckily it has been frozen already and should be fixed shortly but I still have not received one email from Sony. The funny thing is I do not even care that much but even just 1 email would be nice.

Oh yeah, that would have stopped this community of vermin ... until the next guy wanted to get on the payroll too.

if sony would have handled their situation with geohot differently, perhaps offering him a job, these hackers probably would have never attempted the attack on psn.

but instead they kinda chose to sue the guy who didnt do much more than figure out how to put homebrew on hardware that he had

So my PS3 gets the Red Light of Death. I take it to get it repaired and find out that this is a fairly common issue on the old PS3 fats right now. The guy doing the repair said it's a design flaw combined with Sony doing a terrible job with the thermal paste on the GPU and CPU. He also mentioned that right now he gets 4 PS3s to repair in for every XBox 360. The guy had a mountain of PS3s sitting in his office along with probably 5-6 360s.

It was clear that even though Sony gets this guy good business he's not much of a fan of them.

It's really getting difficult to justify even bothering with the PS3 at this point.

It's really getting difficult to justify even bothering with the PS3 at this point.

New Infamous and Uncharted are the only reasons I'm not selling my PS3 right now.

LulzSec The Lulz Boat
Releasing mediafire/pastebin/torrent link to a large cache of compromised internal @Sony data in exactly 4 hours. #Sownage

Wow, this should be interesting

hxxp://www.ibtimes.com/articles/156416/20110602/lulzsec-hack-sony-data-publish.htm

June 2, 2011 11:17 AM EDT

LulzSec (Lulz Security) claims it has hacked Sony and made off with its data. Now, it’s just organizing that data so that it will be “published in multiple ways to ensure maximum embarrassment and exposure.”

LulzSec (Twitter @LulzSEc) made the threat on May 27.

“We're working on another Sony operation. We've condensed all our excited tweets into this one: this is the beginning of the end for Sony.”

On May 29, it said “Phrase 1” will begin the following day.

“#Sownage (Sony + Ownage) Phase 1 will begin within the next day. We may have a pre-game show for you folks though. Stay tuned.”

On May 31, it claimed to have successfully hacked Sony.

“Hey @Sony, you know we're making off with a bunch of your internal stuff right now and you haven't even noticed? Slow and steady, guys.”

On Thursday June 02, LulzSec said it was ready to publish Sony’s data.

“We're currently grouping together the things we've taken from @Sony and are arranging them in a way that everyone will easily understand.”

“Everything we have will be published in multiple ways to ensure maximum embarrassment and exposure for @Sony and their security flaws. :D”

“Hold your F5s for now, we're getting all this juice in one place. Blame @Sony for storing their data in a stupid fashion. Silly Sony!”

“Everything is in one place. We will be announcing an official release time soon.”

A Sony spokesperson said “We have been performing regular, thorough testing of the implemented security enhancements. After investigating further, there is no indication that the claim by [LulzSec] is accurate at the moment.”

The statement, emailed on June 02, 2011 12:41:13 AM ET, referred to LulzSec’s claim on May 31 that it was successfully hacking Sony.

LulzSec (Lulz Security) is a hacker group who gained notoriety for hacking PBS and publishing a bogus story of Tupac being alive. Previously, it also hacked Fox.com, the FOX15 Twitter account, and Sony’s music website in Japan.


Not sure why this isn't getting much play. Are these peeps for real or is it a hoax or attempt to spread a virus?

The Tupac story on PBS was pretty funny. Saw that the other day.

The Tupac story was fake? :(

Hmmmmmmm


The Lulz Boat
LulzSec The Lulz Boat
1,000,000+ unencrypted users, unencrypted admin accounts, government and military passwords saved in plaintext. #PSN compromised. @Sony
2 minutes ago

The Lulz Boat
LulzSec The Lulz Boat
Uh-oh #SonyPictures... [deleted link]" LulzSec versus Sony Pictures - Pastebin.com[/url]
10 minutes ago

The Lulz Boat
LulzSec The Lulz Boat
Uh-oh #PSN... Linux sdk-pct06.station.sony.com 2.6.18-164.15.1.el5 #1 SMP Wed Mar 17 11:30:06 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
11 minutes ago

The Lulz Boat
LulzSec The Lulz Boat
Releasing some @Sony embarrassment in a few minutes. Just finishing our torrent!
21 minutes ago

Wow. Email addresses and passwords, which knowing most people, are probably the same.

Not sure why this isn't getting much play. Are these peeps for real or is it a hoax or attempt to spread a virus?
They did the PBS thing, but since then they've just boasted about all this other stuff they supposedly have done with no evidence backing it up. Sounds more like kids pretending to be more important than they are. When it comes to hackers, all that matters is what you've done, not what you've claimed to have done.

Supposedly a bunch of info has just been released, but I'm not clicking on any links or downloads to find out.

For those who don't want to click:

Contents of our plunder:

## Sony_Pictures_International_AUTOTRADER_USERS.txt ##
-- In this file you will find just under 12,500 customers of Sony;
this includes dates of birth, addresses, emails, full names,
passwords, user IDs, and personal phone numbers.

## Sony_Pictures_International_BEAUTY_USERS.txt ##
-- In this file you will find just under 21,000 customers of Sony;
this is a simple email/password drop. Enjoy your account stealing.

## Sony_Pictures_International_COUPONS.txt ##
-- In this file you will find just under 20,000 Sony music coupons;
please note that there are 3.5 million coupons to take - get 'em.

## Sony_Pictures_International_DELBOCA_USERS.txt ##
-- In this file you will find just under 18,000 customers of Sony;
this is a simple email/password drop. Again, enjoy your stealing.

## Sony_Pictures_International_MUSIC_CODES.txt ##
-- In this file you will find just under 67,000 Sony music codes;
they're like magnets, we simply have no idea how they work.

## Sony_Pictures_International_TABLE_LAYOUT.txt ##
-- In this file you will find the layout of the database;
that means you can easily see where to steal things from.

Note that the database contains far more user information/coupons
than we took. The point is that we had control of them; all of them.
We leave the rest up to you - steal as much as you want, go forth!

ADDITIONAL OWNAGE:

## Sony_BMG_Music_Entertainment_NETHERLANDS ##
-- This file contains the user database of BMG Netherlands;
it's around 600 usernames, emails, and passwords. Enjoy.

## Sony_BMG_Music_Entertainment_BELGIUM ##
-- This file contains the Sony admin database of BMG Belgium;
also lots of barcodes, release dates, and other juicy shit.

If true. Ouch.

Fucking media... where are you?

If true. Ouch.

Fucking media... where are you?

Yeah, bizarre. If this is true, it's pretty big. I get the hatred towards Sony, but it's kind of a big F-U to a lot of people that don't deserve it.

I'm still not going to click on the links to find out if it's actual data. I'm still not convinced it's not a ploy to send out a virus.

I'm only finding a few techy sites that are loosely following this, but it's pretty much going under the radar again.

When I first read about this, I thought internal Sony data meant information about the company.

Are these username and passwords supposedly being released the ones that we would log into the PSN with? If so, wtf. How does that hurt Sony, it hurts the innocent people that dislike Sony for what happened too...?

It hurts the innocent people, but makes Sony look bad for leaving their information vulnerable. Collateral damage, I'm sure the hackers believe in their never ending fight against the man.

I googled a few email addresses out of curiosity, and they sure seem legit to me. It's all stored in plain text (ironically) on the hacker website.

It isn't PSN information. Its Sony contest entry information, at least everything released thus far.

When I first read about this, I thought internal Sony data meant information about the company.

Are these username and passwords supposedly being released the ones that we would log into the PSN with? If so, wtf. How does that hurt Sony, it hurts the innocent people that dislike Sony for what happened too...?

From the sounds of it, yes, it's user's data.

Word is they're having a hard time posting things and keeping them up as they're getting bombarded with DDOS attacks. So still no idea if they ACTUALLY posted anything, or if they were just doing it "for the lulz".

From the sounds of it, yes, it's user's data.

Word is they're having a hard time posting things and keeping them up as they're getting bombarded with DDOS attacks. So still no idea if they ACTUALLY posted anything, or if they were just doing it "for the lulz".

They certainly posted real email addresses and purported passwords, but I wasn't about to commit a crime to confirm that they were real.

It isn't PSN information. Its Sony contest entry information, at least everything released thus far.

Yeah, looks like you're right ...
This target gave us LOLs as it provided internal release dates of records, barcodes, sales reports, and plaintext Sony employee passwords:

OH NOES RELEASE DATES OF RECORDS

They certainly posted real email addresses and purported passwords, but I wasn't about to commit a crime to confirm that they were real.

Yeah, no way in hell I'm touching that ...

I should probably delete the link to it in one of my quotes.

No virus, shit is straight legit. holy shit. sony is fucked.

I downloaded it, not scared, I've been in this world before ;)

omg, some of this shit is hilarious, sonys own admins accounts ... like username first name, and password : sonybmg

Why hasn't someone with Sony reached out to some "security consultants" known for having copious amounts of body art and dealt with this trash already?

They don't know who they are?

They don't know who they are?

Chum the waters with enough money, virtually anyone can be found. Ain't no honor among thieves, cyber or otherwise.

If they'd throw a little less money around at the news media to keep this on the downlow, they might have a bit more money to pay for security.

Chum the waters with enough money, virtually anyone can be found. Ain't no honor among thieves, cyber or otherwise.
Would be cheaper to hire competent security people.

Would be cheaper to hire competent security people.

Except that it looks as though that ship has sailed ... or the horse is already out of the barn ... or some other handy old adage ;)

read that the Sony Pictures's hack was accomplished with a simple SQL injection and the data was stored in plain text. Which, if true, makes whatever person or organization in charge of security over there the DUMBEST ASSHOLE on the planet.

OMFG the mind reels....

lol sql injection.

read that the Sony Pictures's hack was accomplished with a simple SQL injection and the data was stored in plain text. Which, if true, makes whatever person or organization in charge of security over there the DUMBEST ASSHOLE on the planet.

OMFG the mind reels....

Wrong.

The DUMBEST ASSHOLE on the planet was the one who looked across the desk at him during the interview and said "Gosh, this guy looks like a good hire to run our security department."

Sweet. Sony isn't PCI compliant.

I have all kinds of BS to go through pretty much on a daily basis because PCI compliance and I don't work for a company like Sony. It doesn't look like they know WTF they're doing across the board.

Chum the waters with enough money, virtually anyone can be found. Ain't no honor among thieves, cyber or otherwise.

I thought you were against rewarding thieves?

I thought you were against rewarding thieves?

That's not a reward, that's a payment for other services rendered.

I'm also not saying what the life expectancy of the snitches ought to be, once they've served their purpose ;)

Finally saw a brief blip on CNN this morning. More of an "oh by the way, this happened" type but it at least did make a major network's reporting.

So...I got my email for my 2 free games and I took the bribe.

Got Dead Nation & Infamous. Dead Nation is a pretty cool Zombie killer game with Co-Op play (my son and I can both shoot zombies! yay for quality time!!).

Haven't played Infamous yet (but really excited to).

So...I got my email for my 2 free games and I took the bribe.

Got Dead Nation & Infamous. Dead Nation is a pretty cool Zombie killer game with Co-Op play (my son and I can both shoot zombies! yay for quality time!!).

Haven't played Infamous yet (but really excited to).

How long did it take you to download one of the free games? I'm downloading Infamous now and it's taking forever.

How long did it take you to download one of the free games? I'm downloading Infamous now and it's taking forever.

Mine took about 15 minutes.

How long did it take you to download one of the free games? I'm downloading Infamous now and it's taking forever.

I'm still downloading. 35% right now :)

Its like 7.5 GB...Dead Nation was only 1.5 GB. Took a while but downloaded in about 30 minutes. I'm averaging about 4-5 Mbps download rate at the moment...so probably going to take a bit longer.

Mine took about 15 minutes.

Are you sure thats how long it took you for Infamous? Or was that for a different game?

That would be approximately 60 Mbps conncectivity. That's outstanding to sustain that...just surprised that PSN could(assuming you have an internet connection supporting as well).

Trola

Bandwidth has improved...10 Mbps for the past few minutes. 43% now. Guess I'll be here for a while. :)

Are you sure thats how long it took you for Infamous? Or was that for a different game?

That would be approximately 60 Mbps conncectivity. That's outstanding to sustain that...just surprised that PSN could(assuming you have an internet connection supporting as well).

You're correct. It was Dead Nation. My connection runs between 10-15 Mbps on average.

Hmm... wondering if we're going to be back up in Korea any time soon...

You're correct. It was Dead Nation. My connection runs between 10-15 Mbps on average.

Gotcha...yeah, Dead Nation took a little longer for me (maybe 25-30 minutes). I suspect I hit that closer to peak. Unfortunately...the version you download is not the latest version...so I had to download the update which took another 10-20 minutes (not counting the install times for all these). Oh well..its over now & on the HDD...so pretty cool.

Infamous at least hit 10-15 Mbps after a couple of minutes & probably took a little over 2 hours in the background for me. At least it didnt need an update. :)

Three people were arrested in Spain in connection with the hack of the PSN. Apparantly, police were already tracking these guys due to another hack on a Spanish gov't website and figured out that they were also responsible for the PSN hack.

Three arrests made in connection with PSN hack | Joystiq (http://www.joystiq.com/2011/06/10/three-arrests-made-in-connection-with-psn-hack/)

I would imagine "responsible" is a spurious term.

And in today's news, got this from EA/Bioware this morning:

Yesterday (June 14), we learned that a hacker gained unauthorized access to the decade-old BioWare community server system associated with the Neverwinter Nights forums. We immediately took appropriate steps to protect our consumers' data and launched an ongoing evaluation of the seriousness of the breach. We have determined that no credit card data was compromised, nor did we ever have or store sensitive data like social security numbers. However, hackers may have obtained your user account name and password, email address, country and date of birth, as well as other information (if any) that you may have associated with your EA Account. As a result, we have changed your password to ensure account security. Please visit this *link removed* to reset your password immediately.

We take the security of your information very seriously and regret any inconvenience this may have caused you. If your username, email address and/or password on the Neverwinter Nights forums are similar to those you use on other sites, we recommend changing the password at those sites as well. We advise all of our fans to always be aware of any suspicious emails or account activity and report any suspicious emails and account activity to Customer Support at 1-866-543-5435.

If you have questions, please visit our FAQ at Answer (http://support.ea.com/app/answers/detail/a_id/5367) or contact Customer Support at the phone number above.

If your link has expired, click here to generate a new email.

Aaryn Flynn
Studio GM, BioWare Edmonton
VP, Electronic Arts

What this says to me is that EA looked at the Sony debacle, and a security lead who actually knows what the fuck he's doing says, "Hey, we ought to do an audit on all of our servers just to make sure we're as airtight as we think we are."

Did I seriously just get this e-mail? I haven't had any issues thus far, but I'm going to trust a premium partner of Sony for identity theft? That's rich.


Identity Theft Protection Offer for PlayStation®Network and Qriocity™ Customers

Sony Computer Entertainment and Sony Network Entertainment have made arrangements with Debix to offer AllClear ID PLUS to eligible PlayStation®Network and Qriocity account holders in the United States who are concerned about identity theft.

AllClear ID PLUS is a premium identity protection service that uses advanced technology to deliver alerts to help protect you from identity theft. The service also provides identity theft insurance coverage and hands-on help from expert fraud investigators.

Sony has arranged, at no charge to eligible PlayStation®Network and Qriocity account holders, for twelve months of this service to be provided by Debix to those who choose to enroll. In order to be eligible, account holders must be residents of the United States with active accounts as of April 20, 2011.

If interested, please submit your email address by June 28, 2011, at 11:59:59 PM CST at: us.playstation.com/news/consumeralerts/identity-theft-protection.

Please note, you must enter the same email address used to register your PlayStation®Network or Qriocity account. Once your email address is validated, you will be sent your AllClear ID PLUS activation code.

Sincerely,

Sony Computer Entertainment & Sony Network Entertainment

Just curious if anyone has been brave enough to take Sony up on this?

Just curious if anyone has been brave enough to take Sony up on this?

If Sony offers this in the UK I will take them up on it, but so far we have heard nothing.

Just curious if anyone has been brave enough to take Sony up on this?

Nope and not going to. If I can't trust them with securing their stuff with my stuff in it. I really don't have much confidence, anything security wise they are offering, even from 3rd party.

Nope and not going to. If I can't trust them with securing their stuff with my stuff in it. I really don't have much confidence, anything security wise they are offering, even from 3rd party.

Ditto.

Admittedly, I haven't investigated the deal, but I'm assuming that the 12-months free coverage will require a credit card to activate it, so then I've not only got the hassle of remembering to cancel the service when it stops being free, but I've got to deal with feeling cheap and dirty for giving out my cc# to a Sony-related 3rd party again.

Sony just stinks like shit right now. Anyone willing to sign up with them to deliver gets covered in the smell. I realize that's completely unfair and irrational, both to the 3rd party company and to Sony, who could very well be honestly trying to make things right, but it is what it is. I don't trust Sony right now. They've convinced me that they're incompetent (in more than just designing craptacular software packages). Maybe the 3rd parties they're hiring are incompetent, too.

Got this today. Another hack?!?!
Dear Daniel,

As you may be aware, the SEGA Pass system has been offline since yesterday, Thursday 16 June.

Over the last 24 hours we have identified that unauthorised entry was gained to our SEGA Pass database.

We immediately took the appropriate action to protect our consumers’ data and isolate the location of the breach. We have launched an investigation into the extent of the breach of our public systems.

We have identified that a subset of SEGA Pass members emails addresses, dates of birth and encrypted passwords were obtained. To stress, none of the passwords obtained were stored in plain text.

Please note that no personal payment information was stored by SEGA as we use external payment providers, meaning your payment details were not at risk from this intrusion.

If you use the same login information for other websites and/or services as you do for SEGA Pass, you should change that information immediately.

We have also reset your password and all access to SEGA Pass has been temporarily suspended.

Additionally we recommend you please take extra caution if you should receive suspicious emails that ask for personal or sensitive information.

Therefore please do not attempt to login to SEGA Pass at present, we will communicate when the service becomes available.

We sincerely apologise for this incident and regret any inconvenience caused.

We are contacting all our members with these recommendations.

If you have any further questions please contact SEGA customer support on [email protected]

LOOOOOOOOOOOOOOOOL if true

Is this now the "network X" was hacked thread or does Sega have a connection to Sony?

I got the SEGA Pass email as well. I have absolutely no idea what I would be using the SEGA Pass account for.

I got the SEGA Pass email as well. I have absolutely no idea what I would be using the SEGA Pass account for.

Same here. Weird that I saw it here first, before getting the actual email myself. I also don't know what SEGA Pass is.

I just received it...

For those who haven't bought FM through Steam and straight from Sega...this could be the cause..I think bought 09 through Sega and not Steam...

I just received it...

For those who haven't bought FM through Steam and straight from Sega...this could be the cause..I think bought 09 through Sega and not Steam...

Yeah, Sega pass is also associated with the FM site and I believe also their forum boards which are currently down.

Oh yeah - that's what it must be with the Sega Pass thing...aaaah. Makes sense.

I'm finally getting around to taking advantage of the games. Grabbing LBP for my PS3 for sure, maybe Super Stardust. Thinking ModNation Racers for my PSP, maybe LBP there too.

Though I did the firmware update on the PS3 as soon as I could (and updated my password), never got around to doing it on the PSP until today. I wish the PSP didn't suck so much battery life. Had to plug it in and let it charge a bit before it would even let me upgrade the firmware.

/tk

Just got a report from the bank that someone tried to charge ~$2600 to my CC that I used for PSN. They contacted the recipient and found the order was to an internet travel agency with a Belgium address. I've only used this particular card on PSN, Steam, and Amazon in the last six months. Lovely.

An arrest in the UK related to the Sony/Sega hack...........

19-year-old arrested over Sony hack, London police say - CNN.com (http://www.cnn.com/2011/WORLD/europe/06/21/uk.sony.hack.arrest/index.html?hpt=hp_t2)

Word is he just ran a irc server lulzsec had a channel on. Lulzec also has a twitter feed, better raid twitter I guess

Word is he just ran a irc server lulzsec had a channel on. Lulzec also has a twitter feed, better raid twitter I guess

Dang, I was kinda hoping someone really DID do it for the lulz.

Jester, the ex-military hacker who now hacks terrorist websites has been outing the lulzsec guys on a blog.

LulzSec Exposed (http://lulzsecexposed.blogspot.com/)

It's kind of like gang bangers shooting each other. Should be good for some lolz.

Jester, the ex-military hacker who now hacks terrorist websites has been outing the lulzsec guys on a blog.

LulzSec Exposed (http://lulzsecexposed.blogspot.com/)

It's almost reached a similar point to the 'War on Terror'. These guys can deal multi-million or even billion dollar hits to major corporations or governments with a single act. Much like terrorist, they are united by a cause and aren't generally tied to any specific location or country.

Interesting to see the taunts on that blog related to an infiltration of the group. Definitely bookmarked this blog to keep an eye on developments.

dola

Interesting guy outed here. He works for the Onion, Guardian, Vanity Fair, Huffington Post and DailyKos as a journalist. He was pushing information and stories out to the media through these outlets.

LulzSec Exposed: Barret Brown Doxed (http://lulzsecexposed.blogspot.com/2011/06/barret-brown-doxed.html)

LOL wow ... it's like a soap opera called "As the Hackers Hack"

LulzSec Shuts Down, Ends Hacking Campaign (http://mashable.com/2011/06/25/lulzsec-closes/)

LulzSec is done.

LulzSec Shuts Down, Ends Hacking Campaign (http://mashable.com/2011/06/25/lulzsec-closes/)

LulzSec is done.

Funny how it all happened after Jester absolutely exposed them.

Funny how it all happened after Jester absolutely exposed them.

Well you see, we were only going to do this for 50 days. So, um, yeah. :lol:

http://pastebin.com/raw.php?i=iVujX4TR

Long, but this exposes Lulzsec pretty well.

http://pastebin.com/raw.php?i=iVujX4TR

Long, but this exposes Lulzsec pretty well.

Best line I've seen so far
He doesn't really do anything except have gender identity issues.

(for those who haven't read it, apparently there's a rather high percentage of transgendered folks among the hackers in this group)

Not even 50 days...

http://techcrunch.com/2011/07/18/lulzsec-hacks-the-sun-redirects-homepage-to-fake-murdoch-death-story/

19 arrests now. Looks like the blogger who bragged he knew the names of all these kids wasn't kidding when he said he turned over info to the FBI.......

http://www.foxnews.com/scitech/2011/07/19/exclusive-fbi-search-warrants-nationwide-hunt-anonymous/

That blogger/hacker has been well known for a long time. Much more mature and not simply looking for attention like all the kiddies are. Ex-military with real political targets and doesn't brag, just the facts.

So doesn't surprise me.

This just keeps escalating.

'Anonymous' Hackers Claim to Breach NATO Security - FoxNews.com (http://www.foxnews.com/scitech/2011/07/21/anonymous-hackers-claim-to-breach-nato-security/)

And another of the big fish gets exposed......

http://lulzsecexposed.blogspot.com/2011/07/caught-naked.html

Couldn't it just be verified that those emails are real by GoDaddy or PayPal?

Not nearly as big as the first time, but

Again? Sony's PlayStation Network hit with another attack - CNN.com (http://www.cnn.com/2011/10/12/tech/gaming-gadgets/sony-playstation-network-attack/index.html)

I read about this last night and totally forgot about it. I guess if you feed a stray cat, it will just keep coming back for more...

Not nearly as big as the first time, but

Again? Sony's PlayStation Network hit with another attack - CNN.com (http://www.cnn.com/2011/10/12/tech/gaming-gadgets/sony-playstation-network-attack/index.html)

What the hell? Is Microsoft doing the hacking or what? This is becoming quite sad.

So, hey, jbergey.

You know how all those usernames and passwords were posted after the first hack?

Somebody got a hold of the list. Which wasn't hard.

That same somebody relied on the fact that people are, frequently, dumbasses. And got access to a few thousand accounts which had never had their passwords changed. That's not "hacked." That's "our end users are dumbasses."

I thought they locked those accounts until folks changed their passwords though?

I thought they locked those accounts until folks changed their passwords though?

Which, you'd still need the original password to even be able to prompt the account to say "Yo, dawg, you need to change that shit." Otherwise, it'd just say 'wrong password, try again.'

They didn't say "Oh, hey, around 90k accounts got compromised and are under the control of an intruder we detected." They said "we detected a large number of login attempts aimed at several thousand accounts originating from the same place and we shut them down and by the way we're reminding you guys that if you haven't yet changed your password from the original intrusion you REALLY NEED TO GET THAT SHIT DONE."

Down goes Lulzsec

EXCLUSIVE: Infamous international hacking group LulzSec brought down by own leader | Fox News (http://www.foxnews.com/scitech/2012/03/06/hacking-group-lulzsec-swept-up-by-law-enforcement/)

EXCLUSIVE: Law enforcement agents on two continents swooped in on top members of the infamous computer hacking group LulzSec early this morning, and acting largely on evidence gathered by the organization’s brazen leader -- who sources say has been secretly working for the government for months -- arrested three and charged two more with conspiracy.

Charges against four of the five were based on a conspiracy case filed in New York federal court, FoxNews.com has learned. An indictment charging the suspects, who include two men from Great Britain, two from Ireland and an American in Chicago, is expected to be unsealed Tuesday morning in the Southern District of New York.

“This is devastating to the organization,” said an FBI official involved with the investigation. “We’re chopping off the head of LulzSec.”

The offshoot of the loose network of hackers, Anonymous, believed to have caused billions of dollars in damage to governments, international banks and corporations, was allegedly led by a shadowy figure FoxNews.com has identified as Hector Xavier Monsegur. Working under the Internet alias “Sabu,” the unemployed, 28-year-old father of two allegedly commanded a loosely organized, international team of perhaps thousands of hackers from his nerve center in a public housing project on New York’s Lower East Side. After the FBI unmasked Monsegur last June, he became a cooperating witness, sources told FoxNews.com.

“They caught him and he was secretly arrested and now works for the FBI,” a source close to Sabu told FoxNews.com.

Monsegur pleaded guilty Aug. 15 to 12 hacking-related charges and information documenting his admissions is expected to be unsealed in Southern District Court on Tuesday.

As a result of Monsegur’s cooperation, which was confirmed by numerous senior-level officials, the remaining top-ranking members of LulzSec were arrested or hit with additional charges Tuesday morning. The five charged in the LulzSec conspiracy indictment expected to be unsealed were identified by sources as: Ryan Ackroyd, aka “Kayla” and Jake Davis, aka “Topiary,” both of London; Darren Martyn, aka “pwnsauce” and Donncha O’Cearrbhail, aka “palladium,” both of Ireland; and Jeremy Hammond aka “Anarchaos,” of Chicago.

Hammond was arrested on access device fraud and hacking charges and is believed to have been the main person behind the devastating December hack on U.S. security company Stratfor. Millions of emails were stolen and then published on Wikileaks; credit card numbers and other confidential information were also stolen, law enforcement sources told FoxNews.com.

The sources said Hammond will be charged in a separate indictment, and they described him as a member of Anonymous.

The others are all suspected members of LulzSec, the group that has wreaked havoc on U.S. and foreign government agencies, including the CIA and FBI, numerous defense contractors, financial and governmental entities and corporations including Fox and Sony.

Ackroyd, who is suspected of using the online handle “Kayla,” is alleged to be Monsegur’s top deputy. Among other things, Kayla identified vulnerabilities in the U.S. Senate’s computer systems and passed the information on to Sabu. Kayla was expected to be taken into custody on Tuesday.

A spokeswoman for the Southern District and U.S. Attorney Preet Bharara declined comment.

Monsegur’s attorney did