U.S. Senator Blasts Sony for Keeping Breach Secret
- Thread starter Greg Tito
- Start date
http://datalossdb.org/
thats one of the best lists of data loss incidents so far, its not a government or political group running the the list. its security iondustry professionals maintaining it. and Sony made top 5 on largest dataloss! good job Sony!
other news! Sony knew they were targeted by hackers just prior, and then suddenly the network goes down and it takes them a week to learn that it was a dataloss incident? I call bs on that! they knew it was a dataloss from the very start, they knew it was a hack. they just hoped the data wasnt of importance and they just spent the past week going over what was stolen. i assume Sony does the correct thing and have CC info on a seperate server with limited access to the account servers, as in calling up the CC info gets the final 4 numbers after a shitton of * wich explains the "maybe" for CC info was lost as well part. but Sony in all accounts in this incident has done a diservice to PSN customers by not informing them that a hacker gained access to the server and potentialy gained access to personal information from day 1.
suggestions for staying safe with CC info for onetime purchases online... simply use a prepaid credit card. doesnt matter what company, like Sony or MS or steam.
other suggestions for these issues.. if you are not expecting mailed items, never use your real address unless you expect something snail mail. your name? unless its a government run site, your bank, or utilities.. PSN, no way would i use my real name and real address. escapist forums? same thing. reason is if there is a dataloss then they get nothing. fake name, fake address, useless prepaid CC... the sys admnins can track me down quite easily anyway and if they cant then they should be fired. but thats just simple ways of protecting yourself online for things that dont include snail mail items being sent to you, or your real life bank and bills. and the real life ones... you already submitted that info so if they lose it there was nothing you could do anyway.
again as for Sony, they screwed the pooch and should have said from the get go it was a breach, start changing passwords if you use the same for multiple sites with the same username as PSN.
*edit, I dont use my real address for sites like Newegg long term. if I order something I change my registered address to the real one, order item and after it is shipped and recieved by me I change my address again to a fake one. I do the same for CC.
Sounds reasonable. Sony's is (partly) at blame here, and because of that the financial security of (Thousands? Millions?, I have no clue) are at risk. They caused this mess, now they have to fix it. If that means that they have to pay, so be it.
It's a great safety tool to buy the money and time cards for PS3 and 360 rather then use a credit card on the console anyways. I remember a few years ago a small string of credit card fraud occurred to a number for Xbox 360 users that got their accounts hacked specifically to find out their credit card info though I am not very clear as to how they did it. Despite this fiasco though I can't stay made at my slim hulking black box I got a 360 to tie me over on netflix and online play till the PSN is back up and nothing is stopping me from playing my single player games on it.
I said in another thread about this that Sony must be in a lot of trouble for this incident! Its nice to see that something is being done here, because somepeople could be knee-deep if their card details are used...
God, first John Funk makes a joke about SETI looking to get money from the hackers who stole credit card details, now this? Brushing it aside, saying people shouldn't be upset about this, like it's just some kid who lost his ipod and over-reacted. It might not be the end of the world for everyone but for some people it could be the end of their world, depending on what happens.
I know the two situations are completely different (and I know you know that) so then WHY bring it up? Why bring up your opinion about an issue that's already passed now? What's the point in getting angry about a situation that happened in 2008, when there is a situation happening right now that we can actually do something about? When is the appropriate time to do something about this? 2014?
It might not be a big deal to you, or to every single person, but to the people it's going to directly effect? Let them get annoyed about it, let them get pissed off about it. It might not be a huge thing for everyone but for the people it could/will effect, it's going to be a real kick in the balls re-reading seeing how the escapist is happy to joke about their lives beings effed up by some hackers.
Class act, really.
I know the two situations are completely different (and I know you know that) so then WHY bring it up? Why bring up your opinion about an issue that's already passed now? What's the point in getting angry about a situation that happened in 2008, when there is a situation happening right now that we can actually do something about? When is the appropriate time to do something about this? 2014?
It might not be a big deal to you, or to every single person, but to the people it's going to directly effect? Let them get annoyed about it, let them get pissed off about it. It might not be a huge thing for everyone but for the people it could/will effect, it's going to be a real kick in the balls re-reading seeing how the escapist is happy to joke about their lives beings effed up by some hackers.
Class act, really.
My real question in all of this is whether GeoHot's hack was instrumental in this breech(as in, his hack was directly used to cause the breech). It probably wasn't, but, if it was and can be proven to be the case...oh, the implications! The legal, political, and sociological ramifications could be staggering! I only ask because the timing is suspiciously coincident.
(I have a PSN account, but I never put my credit card on there, thank goodness; I always used the PSN cards you buy at retail)
(I have a PSN account, but I never put my credit card on there, thank goodness; I always used the PSN cards you buy at retail)
Yeah! Screw you, Dick Blumenthal, junior Senator from Connecticut, serving 2011-present! Where was your voice in the Senate during the Financial Crisis of 2008 and subsequent bailouts (2008-9)?Greg Tito said:
Oh, that's right...suing Countrywide Financial [http://www.ct.gov/ag/cwp/view.asp?Q=420722&A=2795] (now Bank of America) as Attorney General of Connecticut for issuing subprime mortgages using deceptive and fraudulent practices.
Well each one of the 75 million customers supplied Sony with an email address, wonderful tool.Kumagawa Misogi said:
They can, in moments contact each and every one of us. But they haven't and so the majority of their customers still don't know that they need to change their card numbers.
Have you ever seen what it's like to send out a mass email?
Sending out just 1000 emails can take a few minutes to an hour depending on how you're sending it, you're email etc. etc. even with the right programs to do it as efficiently as possible.
Now think that this is them sending out 75 million emails. That is a LOT of emails to send out. That is also going to be slowed down by people who put in invalid emails so they get bounced back.
I received my email sometime last night. It's happening, they are just taking a while to do it since it's something that takes a while. Just because they are Sony doesn't mean they can perform magic.
Sending out just 1000 emails can take a few minutes to an hour depending on how you're sending it, you're email etc. etc. even with the right programs to do it as efficiently as possible.
Now think that this is them sending out 75 million emails. That is a LOT of emails to send out. That is also going to be slowed down by people who put in invalid emails so they get bounced back.
I received my email sometime last night. It's happening, they are just taking a while to do it since it's something that takes a while. Just because they are Sony doesn't mean they can perform magic.