Important Information for Playstation 3 Registered Users

Super Moderator
User avatar
Posts: 9120
Joined: Fri May 14, 2010 7:03 pm
Location: Inside You.

PostWed Apr 27, 2011 5:01 pm » by Troll2rocks


This is highly important, for now forget all console agro Xbox vs Sony, this is very important as it affects over 70 million PS3 registered users around the world.

Have you noticed that your account has been signed into and booted you offline ? This happened to me about a week and a half ago. I thought nothing much of it as my partner had my log in details, I quickly signed back in.

On the 17th of April Hackers yet again broke into Sony's PSN network. After a previous attack by the Hacker Group "Anonymous", they were responsible for the first attack, they then claimed they were not responsible for this attack, when it became apparent that the attack was a serious breach and that it affected a global consumer market. Unfortunately for this hacker group, on the 13th of April they posted a video warning of new attacks (the biggest they will ever have seen), even though there original goal was for Sony to drop the case against George Hotz (the moron who leaked the source code online for PS3) it was settled out of court, (however) for anonymous it was not enough, and they posted this video....


Upload to Disclose.tv



Several members of this group have already been caught. More are running as we speak.


Upload to Disclose.tv



Wikileaks, may well be involved, (or several members who do tech related stuff for the site)


Today I found out my partner has had her $90 worth of PS3 store content purchased, and so has her friend at work, and that she is having to forward bank statements to Sony. I am going to be checking my account in the next hour. If you are registered with PS3, (ALL) OF YOUR LOG IN DETAILS, ALL OF YOUR PASSWORD AND PURCHASE HISTORY HAS BEEN COMPROMISED (excluding your security card number, and expiry date)

The PSN is still down, and Sony are now contacting everyone with a registered account to say this....

The latest information on the PlayStation Network service outage.

Thank you for your patience while we work to resolve the current outage of PlayStation Network & Qriocity services. The following email has been sent to all PSN registrants; please read the help and support FAQ for more information.

Valued PlayStation Network/Qriocity Customer:

We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:

1) Temporarily turned off PlayStation Network and Qriocity services;

2) Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and

3) Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity passwords and login and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence that credit card data was taken at this time, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising that your credit card number (excluding security code) and expiration date may also have been obtained.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security, tax identification or similar number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit or similar types of reports.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at uk.playstation.com/psnoutage should you have any additional questions.

Sincerely,
Sony Network Entertainment and Sony Computer Entertainment Teams

Sony Network Entertainment Europe Limited (formerly known as PlayStation Network Europe Limited) is a subsidiary of Sony Computer Entertainment Europe Limited the data controller for PlayStation Network/Qriocity personal data



Sony have made a big error, this has cost them millions, and it has also cost many subscribers lots of money and trust in the corporation.

People are calling this the hack of the decade, (I doubt it) it was a vulnerable system, which obviously let in some seriously stupid people who decided to take advantage and did not realize the traces that were being left.

If you are affected, these are the most common questions....

Q.1 When did you realise the system had been intruded?

We discovered between April 17 and April 19 there was an illegal and unauthorized intrusion into our network.

Q.2 How did you know that the system was intruded?

We watch for any issues that may be raised with respect to security and monitor for such issues both internally and externally.

Q.3 What is the main reason to this problem? Which parts of the system were vulnerable to the intrusion?

We are currently conducting a thorough investigation of the situation. Since this is an overall security related issue, we will not comment further on this case.

Q.4 What action did you take (are you taking)? Is there any possibility of further unauthorized access?

As soon as we learned of this issue, 1) we temporarily turned off PlayStation Network and Qriocity services in order to conduct a thorough investigation and to verify the smooth and secure operation of our network services, 2) we have also engaged an outside, recognized security firm to conduct a full and complete investigation into what happened, and 3) quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

Q.5 How many were affected? How many per each region? What is the latest status of PlayStation Network registered account/ operating countries.

Our investigation indicates that all PlayStation Network/ Qriocity accounts may have been affected.

Q.6 Does that mean all users’ information was compromised? Tell us more in details of what personal information leaked.

In terms of possibility, yes. We believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity password, login, password security answers, and handle/PSN online ID. It is also possible that your profile data may have been obtained, including purchase history and billing address (city, state/province, zip or postal code). If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. If you have provided your credit card data through PlayStation Network or Qriocity, it is possible that your credit card number (excluding security code) and expiration date may also have been obtained.

Q.7 Have you notified those users?

We are sending out e-mails directly to these users to their e-mail address registered on the PS Network accounts. Also, we have posted web notices, and additional necessary procedures have been followed by each region.

Q.8 Have you received reports or claims that their PSN ID information/ credit card had been used improperly?

Not at this point in time.

Q.9 I want to know if my account has been affected.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit reports. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other unrelated services or accounts, we strongly recommend that you change them. When the PlayStation Network and Qriocity services are back on line, we also strongly recommend that you log on to change your password.
For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.

Q.10 What should I do to prevent any unauthorized use of my (credit card) personal information?

For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other unrelated services or accounts, we strongly recommend that you change them. When the PlayStation Network and Qriocity services are back on line, we also strongly recommend that you log on to change your password.
To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit reports.

Q.11 Since when have PSN/Qriocity become unavailable and in which region?

PSN/Qriocity services have not been available since April 20 (US time) in all regions.

Q.12 How come it is taking so much time to resume the service?

We are taking the investigation seriously. We decided to keep the service down to allow us to conduct a thorough investigation and verify smooth operation of our network services.

Q.13 How serious is this? Have the hackers broken the security on PSN/Qriocity? Are you taking necessary measures to prevent such outage happening in the future?

Since this is an overall security related issue, we will not comment further on this case but we are working to restore and maintain the services, including countermeasures against future intrusions.

Q.14 When will the service resume?

We are taking the investigation seriously. We will keep the service down to allow us to conduct a thorough investigation and verify smooth operation of our network services but are working hard to resume the services as soon as we can be reasonably assured security concerns are addressed.

Q.15 Seems like SOE service was also not available/ suffering outage. Is this true? Is this due to the same reason as the PSN/Qriocity outage?

SOE's service is available although a service interruption due to an external attack did occur. A thorough investigation is ongoing.

Q.16 I want my money back (subscription fee, content) since the PSN/Qriocity was not available.

When the full services are restored and the length of the outage is known, we will assess the correct course of action.

Q.17 There seems to be some games that cannot be played even offline?

Depending on the game titles, but mainly PSN games, some may require access to PSN for trophy sync, security check, etc.

Contact Details

Country Customer Support
Africa sonycustomercare.mea@ap.sony.com
Australia 1-300 365-911
Austria 0820 44 45 40
Belgium 011 516 406
Bulgaria support@sbhbg.com
Croatia playstation.hr@arsvenatus.hr
Cyprus 22352282
Czech Republic 225 341 407
Denmark 90137013
Estonia 6543484
Finland 600411911
France 0820 31 32 33
Germany 01805 766 977
Greece 801 11 92000
Hungary 1 814 4800
Iceland 591- 5100
India 1800-103-7799
Ireland 0818 365065
Israel 09-9711700
Italy 199 116 266
Latvia 67046049
Lithuania 37338655
Luxembourg 0820 31 32 33
Malta 234 360 00
Middle East - All sonycustomercare.mea@ap.sony.com
Netherlands 0495 574 817
New Zealand 09 415 2447
Norway 82068322
Poland 0 801 230 000
Portugal 707 23 23 10
Romania support@sbhbg.com
Russia 8-800-200-76-67
Slovakia 232 112 209
Slovenia 1 510 31 30
South Africa 0861 773783
Spain 902 102 102
Sweden 09002033075
Switzerland 0848 84 00 85
Turkey
bilgi@eu.sony.com

Ukraine 0 800 307 669
UK

0844 736 0595


When PSN comes back online, you MUST change your password. I would also remove all card details and related material.


The people who did this were far from clever. They will soon wish they had left well alone as Sony are going after them "aggressively"

Lock em up.

A breach of this magnitude is highly serious for those responsible when caught. So just so you know, Sony claim to not know of any use of bank details etc etc, well apparently, that is a lie.

Go check your statements immediately.


Fuck you Sony, total amateur hour. Idiots able to breach the system that has millions being transacted through it every day.

Absolute incompetence. Many will be suing over this little shindig, and rightly so.

As for those responsible, you can guarantee it was the anonymous group. They just did not realize the magnitude of the error of there ways, they will soon. Every single PS3 member affected (which is over 70 million) should individually sue those involved, and press full charges.

EDIT, the anonymous hacker group invited all hackers to join in and hack their selected targets, this was the stupidest thing in the world. As it means that they were not anonymous at all. Every single member will be found and convicted. It is only a matter of time, and time is soon running out.
Image
Censorship debunking & disinformation, it's all in a days work.

Writer
Posts: 21
Joined: Sun Mar 07, 2010 10:36 am

PostWed Apr 27, 2011 5:19 pm » by Gh0st


im all for hacking and ddosing, but stealing ppls money is a no go zone! true hackers would of just done it to prove their point and would not have done what these asshats have done.

Super Moderator
User avatar
Posts: 9120
Joined: Fri May 14, 2010 7:03 pm
Location: Inside You.

PostWed Apr 27, 2011 5:27 pm » by Troll2rocks


gh0st wrote:im all for hacking and ddosing, but stealing ppls money is a no go zone! true hackers would of just done it to prove their point and would not have done what these asshats have done.



I agree with you, there has been an ethical code crossed here, and it is totally against even black hat ethics.

Not to mention seriously stupid, anyone who is good at computers knows full well, you can not erase your traces completely, that is impossible.

These guys need to become the poster children of how not to hack and what happens when you get caught.

This is Sony...

Image
Image
Censorship debunking & disinformation, it's all in a days work.

Writer
Posts: 12
Joined: Wed Dec 08, 2010 6:22 pm

PostWed Apr 27, 2011 5:39 pm » by Wildeye76


Um yeah....guys....you're a bunch of tools, listen to you!
They should hunt em down and destroy them blah blah.
man..douche bags....
this site is full of info about corporations ripping people off and globalization etc etc... you guuys just shrug and have a nother hit of your bong..but when you mess with your computer games!??!? OMG how could they? Those hacker bastards!!! you guys are turds. Fat couch potato porn loving turds.

So...what...you cant pawn some newbs for a couple of weeks, boo friggin hoo!
Credit card numbers.. man...tools...24hr call center, 1. cancel the card have a new one ion 5 days or 2. tell them to block all purchases to sony. 3. re link to empty account, half of it can be done online in five minutes.
principle, banks get robbed, cars get jacked, people get mugged computers get hacked....grow a fuckin brain wannabe nerds!

People gettin there heads lobbed off, women getting raped, children being abducted, starvation famine, natural disasters...and this ugly idiot is worried about not being able to get nline and play computer games with his freinds, and the tone! the tone! you sound like you have seriously been screwed over... its a friggin game console douche bag!!!

ANd yeah..love the extra bullshit you threw in...1... guys who have PS3;s dont have girfreinds, only fat girls who cant do better ;) and 2. no one has hacked your credit card from sony and used it to spend 90 bucks..seriously
you just wanna whinge, wanna feel tough with your little penis and xero consumer voice.,


this is what you want..this is what you get etc etc

maybe now you can put down the controller, the bong and the litre of coke and geta fucking life hey? :)

Super Moderator
User avatar
Posts: 9120
Joined: Fri May 14, 2010 7:03 pm
Location: Inside You.

PostWed Apr 27, 2011 5:45 pm » by Troll2rocks


wildeye76 wrote:Um yeah....guys....you're a bunch of tools, listen to you!
They should hunt em down and destroy them blah blah.
man..douche bags....
this site is full of info about corporations ripping people off and globalization etc etc... you guuys just shrug and have a nother hit of your bong..but when you mess with your computer games!??!? OMG how could they? Those hacker bastards!!! you guys are turds. Fat couch potato porn loving turds.

So...what...you cant pawn some newbs for a couple of weeks, boo friggin hoo!
Credit card numbers.. man...tools...24hr call center, 1. cancel the card have a new one ion 5 days or 2. tell them to block all purchases to sony. 3. re link to empty account, half of it can be done online in five minutes.
principle, banks get robbed, cars get jacked, people get mugged computers get hacked....grow a fuckin brain wannabe nerds!

People gettin there heads lobbed off, women getting raped, children being abducted, starvation famine, natural disasters...and this ugly idiot is worried about not being able to get nline and play computer games with his freinds, and the tone! the tone! you sound like you have seriously been screwed over... its a friggin game console douche bag!!!

ANd yeah..love the extra bullshit you threw in...1... guys who have PS3;s dont have girfreinds, only fat girls who cant do better ;) and 2. no one has hacked your credit card from sony and used it to spend 90 bucks..seriously
you just wanna whinge, wanna feel tough with your little penis and xero consumer voice.,


this is what you want..this is what you get etc etc

maybe now you can put down the controller, the bong and the litre of coke and geta fucking life hey? :)



Dude you are a fucking idiot, they have attacked the customer not the company you fucking retard, I only had to read to sentences of your dribble to know you know fuck all about this.

And everything I have said is accurate, every single thing. You obviously just want a fight, go find a girlfriend, and stop trying to be an internet hoodlem lmao, you fail.

The people responsible for this, are idiots and attacked the consumer not the corporation. WTF are you talking about ?

Single most retarded statement in DTV history.


:lol:
Image
Censorship debunking & disinformation, it's all in a days work.

Initiate
Posts: 285
Joined: Sun May 18, 2008 3:15 pm

PostWed Apr 27, 2011 5:47 pm » by Cosmonaut


Sony will spin this to try to get you to focus your anger toward the hacking community. Bottom line for all you non-technical folks out there is you should be pissed at Sony and only Sony. They fucked this up royally. First by storing credit card numbers unencrypted probably due to their extreme overconfidence in the security of the PS3 which admitedly took ages to hack and lasted more than any other console device in history. However when it was finally discovered that they were storing keys clientside then all hell broke loose. This is the worst kind of security you can have and probably took so long to hack because no one figured Sony was this stupid. Second by their inept PR through the entire matter of taking a goddamn week to tell people their identities have been compromised. INEXCUSABLE. Sony has shown an extreme arrogance in this and deserves whatever hell and backlash is unleashed upon them by the consumers. I've already cancelled my credit card which I used on the PS3 network and suggest you do the same.

Oh the reason they drew the attentions of hackers in the first place was because they took functionality away from a product after they sold it to you. That's akin to Toyota coming to your house and removing the fucking tires from your car after you bought it.


To be honest they should not have had your trust after the rootkit fiasco a few years ago.
http://en.wikipedia.org/wiki/Sony_BMG_c ... it_scandal

We know that credit card details, including CC number, expiry date and CVV were sent as GET requests in URLs to Sony's servers. The URLs sent look like this:

creditCard.paymentMethodId=VISA&creditCard.holderName=Max&creditCard.cardNumber=45581234567812345678&creditCard.expireYear=2012&creditCard.expireMonth=2&creditCard.securityCode=214&creditCard.address.address1=example street%2024%20&creditCard.address.city=city1%20&creditCard.address.province=abc%20&creditCard.address.postalCode=12345%20

Since these were sent over SSL, they were encrypted while in transit but ultimately end up back in the same format on Sony's servers, and will almost certainly be stored in HTTP server logs in plaintext if nowhere else. The question is how long these logs are kept for and whether they resided on one of the servers which was compromised.


More details on what Sony send can been found here.
http://arstechnica.com/gaming/news/2011 ... curity.ars



Since you can't check what card is associated with your account with the network down, if you search your email for DoNotReply@ac.playstation.net it will tell you what credit card is associated with your account.

When did BP start doing PR for Sony?

Initiate
Posts: 285
Joined: Sun May 18, 2008 3:15 pm

PostWed Apr 27, 2011 5:52 pm » by Cosmonaut


troll2rocks wrote:
wildeye76 wrote:Um yeah....guys....you're a bunch of tools, listen to you!
They should hunt em down and destroy them blah blah.
man..douche bags....
this site is full of info about corporations ripping people off and globalization etc etc... you guuys just shrug and have a nother hit of your bong..but when you mess with your computer games!??!? OMG how could they? Those hacker bastards!!! you guys are turds. Fat couch potato porn loving turds.

So...what...you cant pawn some newbs for a couple of weeks, boo friggin hoo!
Credit card numbers.. man...tools...24hr call center, 1. cancel the card have a new one ion 5 days or 2. tell them to block all purchases to sony. 3. re link to empty account, half of it can be done online in five minutes.
principle, banks get robbed, cars get jacked, people get mugged computers get hacked....grow a fuckin brain wannabe nerds!

People gettin there heads lobbed off, women getting raped, children being abducted, starvation famine, natural disasters...and this ugly idiot is worried about not being able to get nline and play computer games with his freinds, and the tone! the tone! you sound like you have seriously been screwed over... its a friggin game console douche bag!!!

ANd yeah..love the extra bullshit you threw in...1... guys who have PS3;s dont have girfreinds, only fat girls who cant do better ;) and 2. no one has hacked your credit card from sony and used it to spend 90 bucks..seriously
you just wanna whinge, wanna feel tough with your little penis and xero consumer voice.,


this is what you want..this is what you get etc etc

maybe now you can put down the controller, the bong and the litre of coke and geta fucking life hey? :)



Dude you are a fucking idiot, they have attacked the customer not the company you fucking retard, I only had to read to sentences of your dribble to know you know fuck all about this.

And everything I have said is accurate, every single thing. You obviously just want a fight, go find a girlfriend, and stop trying to be an internet hoodlem lmao, you fail.

The people responsible for this, are idiots and attacked the consumer not the corporation. WTF are you talking about ?

Single most retarded statement in DTV history.


:lol:


Given that I expect hackers to exist in an internet enabled world, blaming them is a waste of my time. While they deserve blame, Sony deserves all of our blame.

I only came here to post this, enjoy the name calling.

Conspirator
User avatar
Posts: 4007
Joined: Wed Feb 16, 2011 9:03 pm

PostWed Apr 27, 2011 5:54 pm » by Rydher


Bottom line for all you non-technical folks out there is you should be pissed at Sony and only Sony.


People like you make me sick :vomit:. It's your kind of thinking that leads to the current state of the world. Don't blame the people that actually did something illegal. That's like if I leave my house unlocked and someone goes inside to rob it. It's my fault for leaving the doors unlocked. The person that did it has no responsibility at all? What the f ever.

While they deserve blame, Sony deserves all of our blame.

What kind of looney toon, circle logic is that. :lol:

Writer
Posts: 12
Joined: Wed Dec 08, 2010 6:22 pm

PostWed Apr 27, 2011 6:01 pm » by Wildeye76


yeah...they wanted to teach those pesky gameplayers a lesson lmao!!
You guys like...forgotten about all the money laundrying/drug trafficiking/human rights abuse laws/court filings for slave labour/exttortion accusations/god knows what else these guys have done. not to mentioned crappy consumer products at ludicrous retail mark ups, after purchase scams and poor consumer handling and a crap technical advice service. awww poor Sony!

You guys dont know whats goin on...shouldnt you be out with your binoculars waiting for Planet X to arrive and save all the shut in depressed people (and gamers included)??

Initiate
Posts: 735
Joined: Mon Jul 20, 2009 3:28 am

PostWed Apr 27, 2011 6:13 pm » by Iamcare


I have to say I think this latest hack has crossed a line. You dont bandy about other peoples information, which is why I don't beleive Anonymous are behind this because so far they've been smart enough to avoid the kind of scenario which would have people write them off as criminals. Their actions in regard to Senator Levin were an absolute godsend and that single action will have made a lot of Senators and congressman think twice before they use the black budget to silence those they deem 'undesirable'

The original anonymous hack that was done because of the guy who cracked and leaked the master code, I totally 100% agree with that. I don't care if a few people have to do without multiplayer for a few days whilst they make a completely valid and essential point.
Sony, like many coorperations would like you to beleive that when you buy one of their products you are only technically liscenced to use it, you do not outright own the product. This is of course a load of legal bullshit that makes it possible for playstation to get away with charging exorbitant prices for both their hardware and their software. This kind of legal ruling is like Nestle saying "you can buy our coffee, but legally its up to us if you drink it or not". It amounts to greedy unscrupulous actions by executives who have the legal system int heir back pocket, and can write insane contract stipulations like this into law and get away with not clearly stating their position on the box before you buy. They are instead in the small print , only available to read once the product is purchased. Thats called contractual entrapment and it is highly illegal, although obviously the coorperations pet courts will not enforce a law that does not benefit their master coorperations..

When I buy a playstation, it is mine, once have purchased it I have the legal right to do whatever I want with it, if that means smashing it apart with a sledgehammer or cracking the code to enable UGC the so be it, if playstation dont want that happening, then dont manufacture and market playstations, its that simple. These kinds of rulings have absoloutly destroyed the independant game market, and this was done for profit, nothing else. So well done anonymous for putting this huge co-orperation in their place and demonstrating that when consumers are openly and blindly taken advantage of, it will not be stood for.

But whoever leaked personal details needs to be in jail, that shit is not constructive and not funny, and it wouldnt surprise me if playstation did this themselves to tarnish the reputaion of Anonymous
Word is born,
Fight the War, Fuck the norm....


Upload to Disclose.tv


Dedication ---------------- Tenacity --------------------------- Volition
ImageImageImage


Next

  • Related topics
    Replies
    Views
    Last post
Visit Disclose.tv on Facebook