01101010
Terracotta Army
Posts: 12007
You call it an accident. I call it justice.
|
I haven't followed the PSN debacle too closely, but apparently this was presented today as new news: This information, which was discovered by engineers and security consultants reviewing SOE systems, showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007. The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain. Not to sound too naive about this, but how long are typical expiration dates on cc's? I know my Visa check card is 3 years and I get a new card with a new CVS. So this database would/should be useless, no?
|
Does any one know where the love of God goes...When the waves turn the minutes to hours? -G. Lightfoot
|
|
|
Amaron
Terracotta Army
Posts: 2020
|
Not to sound too naive about this, but how long are typical expiration dates on cc's? I know my Visa check card is 3 years and I get a new card with a new CVS. So this database would/should be useless, no?
It says they don't even have CVS in the first place.
|
|
|
|
5150
Terracotta Army
Posts: 951
|
Not to sound too naive about this, but how long are typical expiration dates on cc's? I know my Visa check card is 3 years and I get a new card with a new CVS. So this database would/should be useless, no?
I never cancelled my xBox live gold one time because the credit card I used had expired - Microsoft still charged and the cc company still paid out! Assume nothing Mr. Mulder!
|
|
|
|
Lantyssa
Terracotta Army
Posts: 20848
|
Was in my inbox this morning.
|
Hahahaha! I'm really good at this!
|
|
|
Mrbloodworth
Terracotta Army
Posts: 15148
|
I haven't followed the PSN debacle too closely, but apparently this was presented today as new news: This information, which was discovered by engineers and security consultants reviewing SOE systems, showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007. The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain. Dagnabit.
|
|
|
|
CharlieMopps
Terracotta Army
Posts: 837
|
"There is no evidence that our main credit card database was compromised. It is in a completely separate and secured environment."
Up until May 1st there was no evidence that SOE was hacked and SOE was in a completely separate and secured environment... was it not?
Let's just get this out of the way: If you've ever done business with Sony, cancel the card you used... and never do business with Sony again.
|
|
|
|
Tebonas
Terracotta Army
Posts: 6365
|
Oh shit. That means my old Everquest account data is compromised?
Damn, not having that retarded console didn't help me either! Fuck you Sony!
|
|
|
|
UnSub
Contributor
Posts: 8064
|
The implication of this rolling embarrassment to Sony is that the hackers may have done some nasty things to their internal systems and could even have planted time bombs that could cause further damage.
Virtual companies are only as good as their public integrity. You don't trust your credit card details to a company who's been pillaged more than an open bar at an Irish wedding.
SOE could launch the most fun game ever tomorrow and would you really be willing to give them your financial details to gain access? I'm guessing not.
|
|
|
|
Mrbloodworth
Terracotta Army
Posts: 15148
|
Reading that some are saying hackers are getting in through facebook games, or some such holes in that area.
|
|
|
|
Lantyssa
Terracotta Army
Posts: 20848
|
That wouldn't be too surprising. Everyone wants you to tie accounts to your Facebook, but that's probably where the weakest security is.
|
Hahahaha! I'm really good at this!
|
|
|
Stormwaltz
Terracotta Army
Posts: 2918
|
I recommend that everyone change their name, gender, and birthdate immediately.
|
Nothing in this post represents the views of my current or previous employers.
"Isn't that just like an elf? Brings a spell to a gun fight."
"Sci-Fi writers don't invent the future, they market it." - Henry Cobb
|
|
|
Tebonas
Terracotta Army
Posts: 6365
|
Again? My coworkers will start to talk...
|
|
|
|
Mrbloodworth
Terracotta Army
Posts: 15148
|
I recommend that everyone change their name, gender, and birthdate immediately.
How, its down.
|
|
|
|
Yegolev
Moderator
Posts: 24440
2/10 WOULD NOT INGEST
|
|
Why am I homeless? Why do all you motherfuckers need homes is the real question. They called it The Prayer, its answer was law Mommy come back 'cause the water's all gone
|
|
|
sickrubik
Terracotta Army
Posts: 2967
|
I think he meant in real life.
The line at the county clerk recorder is going to be long. :(
|
beer geek.
|
|
|
Mrbloodworth
Terracotta Army
Posts: 15148
|
Yeah it dawned on me later. 
|
|
|
|
sickrubik
Terracotta Army
Posts: 2967
|
Ya know, amusingly, half a cup of coffee later, I missed the sarcasm too, and went the other way. So, I share in your pain.
I also have no idea why I'm admitting to this, other than maybe only being half a cup of coffee in.
|
beer geek.
|
|
|
Mrbloodworth
Terracotta Army
Posts: 15148
|
Well, when I read it, I was LOOKING for a way to change all my info.
|
|
|
|
cironian
Terracotta Army
Posts: 605
play his game!: solarwar.net
|
Just steal someone elses identity and use that. It's what all the cool kids are doing these days.
|
|
|
|
Amaron
Terracotta Army
Posts: 2020
|
"There is no evidence that our main credit card database was compromised. It is in a completely separate and secured environment."
Up until May 1st there was no evidence that SOE was hacked and SOE was in a completely separate and secured environment... was it not?
No they said from the start that SoE got hacked. They just didn't know if the data was compromised. As a side note I'll forgive SoE for losing all my data if they go out of business.
|
|
|
|
Ratman_tf
Terracotta Army
Posts: 3818
|
|
 "What I'm saying is you should make friends with a few catasses, they smell funny but they're very helpful." -Calantus makes the best of a smelly situation.
|
|
|
Lantyssa
Terracotta Army
Posts: 20848
|
Well, good luck getting all that changed in real life. The gender marker can be a real bitch in a lot of jurisdictions. Oh, a lot of companies won't let you change any of that info even if your info changes. (Married? Tough, you're your maiden name forever as far as they're concerned.) Hope you read that third sentence before going through the hassle.
|
Hahahaha! I'm really good at this!
|
|
|
Morfiend
Terracotta Army
Posts: 6009
wants a greif tittle
|
Just steal someone elses identity and use that. It's what all the cool kids are doing these days.
Or buy one. I heard there is a lot of supply right now. 
|
|
|
|
Sophismata
Terracotta Army
Posts: 543
|
Sony's Patrick Seybold passed along the positive news: "The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack." I think the greater danger is the personal information. Changing your CC info and reversing fraudulent charges is relatively easy. Changing your name, gender, address, email address, and secret questions is not. And with access to all of those, there is far more potential for damage.
|
"You finally did it, you magnificent bastards. You went so nerd that even I don't know WTF you're talking about anymore. I salute you." - WindupAtheist
|
|
|
Chimpy
Terracotta Army
Posts: 10633
|
I am almost thinking (with the whole "we are moving data centers for better security" which leads one to think it was a physical security issue as much as a software security one) that maybe one of the people who got axed last month may have done this out of spite. And that it is being labelled as an "external" intrusion because the perpetrator is a very recently unemployed former SOE employee.
|
'Reality' is the only word in the language that should always be used in quotes.
|
|
|
Amaron
Terracotta Army
Posts: 2020
|
Has anyone found any kind of PHYSICAL security device or something for dealing with passwords due to this? I want to switch to unique passwords per site but that would leave me using like 50 passwords. The idea of storing them on a hard drive even encrypted leaves me feeling a bit meh.
|
|
|
|
CmdrSlack
Contributor
Posts: 4390
|
Has anyone found any kind of PHYSICAL security device or something for dealing with passwords due to this? I want to switch to unique passwords per site but that would leave me using like 50 passwords. The idea of storing them on a hard drive even encrypted leaves me feeling a bit meh.
I have one of these. When I bought mine, I grabbed the cheapest one. It has a password management feature that is useful for websites you visit on a regular basis. I'd feel pretty safe keeping a plaintext or encrypted file on it as well to store and manage my passwords for stuff that isn't necessarily "connect via a browser."
|
I traded in my fun blog for several legal blogs. Or, "blawgs," as the cutesy attorney blawgosphere likes to call 'em.
|
|
|
NiX
Wiki Admin
Posts: 7770
Locomotive Pandamonium
|
I don't have to worry about either CC breach because my card company (Capital One Canada) was brilliant enough to send out everyones fancy new chip cards with the associated pin needed to use it to the wrong addresses. With no activation required. So guess who got a new card number with no notice whatsoever as to why? I'm sure they'd prefer their excuse to be because of Sony.
|
|
|
|
Salamok
Terracotta Army
Posts: 2803
|
I always get paranoid when considering the different password vault gizmos (especially the smart phone apps), seems the perfect phishing ploy. Doesn't help that the majority of product reviews written these days are of the let me google that and find 10 similar items that I can copy paste into a "10 best xxx" article w/o actually looking at any products variety.
|
|
|
|
Paelos
Contributor
Posts: 27075
Error 404: Title not found.
|
So is it back up yet?
|
CPA, CFO, Sports Fan, Game when I have the time
|
|
|
Morat20
Terracotta Army
Posts: 18529
|
That wouldn't be too surprising. Everyone wants you to tie accounts to your Facebook, but that's probably where the weakest security is.
Didn't facebook JUST switch to allowing an HTTPS option? A bit behind the security curve. :)
|
|
|
|
tgr
Terracotta Army
Posts: 3366
Just another victim of cyber age discrimination.
|
So is it back up yet?
That's what she said.
|
Cyno's lit, bridge is up, but one pilot won't be jumping home.
|
|
|
Amaron
Terracotta Army
Posts: 2020
|
I have one of these. When I bought mine, I grabbed the cheapest one. It has a password management feature that is useful for websites you visit on a regular basis. I'd feel pretty safe keeping a plaintext or encrypted file on it as well to store and manage my passwords for stuff that isn't necessarily "connect via a browser." That website is confusing. How does it stop keylogging from snooping the password? Does it have some sort of external method for entering the password?
|
|
|
|
CmdrSlack
Contributor
Posts: 4390
|
Not that I'm aware of. Perhaps it's moreso for the secure browser stuff. I nabbed it for the PW manager feature and the ability to transport client data from work to home without having to use dropbox. It's nice to know that even if I drop it, the data is not going to get into anyone's hands.
|
I traded in my fun blog for several legal blogs. Or, "blawgs," as the cutesy attorney blawgosphere likes to call 'em.
|
|
|
Minvaren
Terracotta Army
Posts: 1676
|
And now, Sony blames Anonymous ("indirectly") for the attack. Sony said on Wednesday that Anonymous targeted it several weeks ago using a denial-of-service attack in protest of Sony defending itself against a hacker in federal court in San Francisco.
The attack that stole the personal data of millions of Sony customers was launched separately, while the company was distracted protecting itself against the denial-of-service campaign, Sony said.
The company said it was not sure whether the organizers of the two attacks were working together. Though how a hacker could get in through a successful DDoS is beyond me... 
|
"There are many things of which a wise man might wish to remain ignorant." - Ralph Waldo Emerson
|
|
|
|