Sony Admits Private PSN Info Has Been Stolen - All Of It

[The Bandit]

I always thought fanboys were hilarious, until I saw them defending Sony for having shit security systems.

Why can't it be both the hackers' AND Sony's fault?

 

[pokepuke]

Thank GOD it's my old email and password on PSN and that I never bought any games off there. God hackers want us to sympathise with their cause and then pull shit like this. >.> I seriously hate hackers.

Because, of course, it's all just one group. Hey look, they made it easier for us to hate them! Looks like their consolidation is now working against them. Those hackers aren't so smart after all...

 

[Theseus32]

I'll just say this. Even if it wasn't "anon" in an "official" capacity, the odds of someone totally unaffiliated with the masked ones being able to pull off a truly remarkable hack like this are close to nil. Likewise, before ya'll start drinking the kool-aid, consider this. Stealing credit card numbers is easy as hell. USING such info is where it gets tricky. I'll lay good odds that aside from this being a truly epic middle finger to sony, no users end up harmed.

The moral? Attempting to start a war with the kind of people who are even capable of hacking their own PS3 is a really really bad idea.

Sony... u mad?

 

[Tony2077]

Anyone who originally blamed anonymous probably feels pretty stupid right about now.

nah look at the tread. Anyone who origninally blamed anonymous still does because all hackers are the same.

Why would a political activist group try to steal user data and credit card info? well duh because they're hackers

who ever did it is still anonymous so doesn't really change who your blaming it could be the group or some other nobody

Well you have to make a difference between the verb and the group. Not everyone who hides their identity visits /b and not everyone who's a regular on /b is in Anonymous.

when someone is anonymous it mean you don't know them so is there really a difference at this point

the point is:

http://en.wiktionary.org/wiki/anonymous is not the same as http://en.wikipedia.org/wiki/Anonymous_%28group%29 simple enough?

doesn't change the fact the who ever did i still anonymous as in we don't have a clue who did it so group or verb doesn't matter

 

[T-Bone24]

Well, apparently reports of compromised credit cards have been coming in since Friday at least. [http://twitter.com/#!/mikelreparaz/status/62987291831959554]

So how long did Sony know about this before today? Of course, I'm not basing a whole argument on one tweet, but it's still quite frightening.

 

[Vanbael]

For all the people who blame Sony, for god sakes they are victims in this too. Its like letting yourself get knocked out and you wake up with a missing kidney. The "sucks to be you" phrase would be condescending because you let yourself get gutted because you weren't expecting it. Yes it could have been prevented......for only a few more weeks because Sony is an optimal target, and so is Windows Live, Steam, Paypal, iTunes Store, anything networks with online spending. The numbers and money are there for the taking, they will take swings at that. Just be glad that your SSN isn't amongst that information.
*steps down from Soapbox*

Now I will be keeping for any suspicious spending, though I have little to spend. Blew the rest on a plushie (WORTH IT!)

 

[Dogstile]

The root key alone would not allow you to come anywhere close to being able to do something like this. It's Sony's net code that the hackers had to breach, not anything held internally within a specific PS3, and it obviously wasn't all that difficult.

But without the ability to run custom code AND access the PSN, they would never have been able to try. Hotz may not be the perpetrator here, but he is at least an enabler. Without his "mischief" whoever is behind this attack would never have been able to get whatever data they now got. Sony had good reasons to not allow custom code on the PSN, as this debacle shows without a doubt.

Don't get me wrong, I am very angry at Sony for apparently running a weak security (if any) inside the PSN itself, but as long as they were able to control the access there was no risk. Thanks to Geohotz and the other crackers who breached open the PS3 the door was open for actual attacks, and I do hold them responsible for that.

Well balls, I was going to ignore you up until this post, but it needs to be said.

PSN info would be stored on servers. You do not use a PS3 to get to those servers, this can be done via a computer. The codes release was poorly timed, however, the root key does not grant access to said server.

Please, I know its hard to understand, but i'm a bloody hacker myself (white hat, not black hat, and its awesome pointing out the flaws in there system to them, giving us all admin accounts, ugh, idiots). At the very least take my word for it that Geohot is not responsible, you're just making yourself look silly.

 

[redisforever]

*sniff* I smell lawsuits. Lots of 'em.

 

[Arisato-kun]

Well this ruined my day. Looks like it's off to the bank to get my credit card number changed.

While I can't completely blame Sony for this they're partially at fault seeing as shoddy network security contributed to this. Though, right now I just want to strangle the hacker.

I'm also done buying anything for PSN via credit card now.

 

[Theseus32]

Oh, if sony's looking for a good security company, I hear HBGary's looking for work.

 

[Azmael Silverlance]

Even if it was 1 guy who did it...there you go major major breakdown. And such a hole in the security cannot be fixed in 1-2 weeks. It will take quiet some time to re-design the network to better protect its data and customers. And yeah i smell lawsuits too. And Sony will HAVE to make up for all this.

Im happy i just registered once and then never did much. even my adress is different now

 

[Tony2077]

So how screwed am I if I do my payment through PSN cash card from like 7 eleven? I mean I only bought one card.

if you don't have a credit card on there other then changing your password there is nothing to worry about

Now to remember what my password was.

same here

 

[Moriarty]

Anyone who originally blamed anonymous probably feels pretty stupid right about now.

nah look at the tread. Anyone who origninally blamed anonymous still does because all hackers are the same.

Why would a political activist group try to steal user data and credit card info? well duh because they're hackers

who ever did it is still anonymous so doesn't really change who your blaming it could be the group or some other nobody

Well you have to make a difference between the verb and the group. Not everyone who hides their identity visits /b and not everyone who's a regular on /b is in Anonymous.

when someone is anonymous it mean you don't know them so is there really a difference at this point

the point is:

http://en.wiktionary.org/wiki/anonymous is not the same as http://en.wikipedia.org/wiki/Anonymous_%28group%29 simple enough?

doesn't change the fact the who ever did i still anonymous as in we don't have a clue who did it so group or verb doesn't matter

you are making no sense. We don't know who did this so it has to be this specific group because they chose a name describing the unknown?

That's like blaming Nascar because someone ran over your pet

 

[lord canti]

I see people posting how sony's security sucks and how you never have this happen on steam. Funny seeing how I find countless stories of peoples accounts getting hacked into. Granted valve almost always rectifies the situations. And while I don't blame sony 100% for this they damn well better give us something nice after this clears up.

 

[The Rockerfly]

Holy fuckness
All of their data... It just boggles my mind that somewhere someone or some people have potentially 50 millions users data and can literally go on any account at any time and do anything.
I know a system isn't 100% hack proof but really

You fucked up

This is not a simple fuck up you can restore your image with the PSN, you really did fuck up. Any chances of me buying a ps3 have officially gone out the window.