Author Topic: PlayStation Network hacked, personal information of 77 million accounts compromised (Read 6809 times)

BucklingSpring · « **on:** Wed, 27 April 2011, 20:00:08 »

Explicit subject...

This is probably a Guinness World Record's grade for the biggest breach in history.

Apparently Android and other PDA/SmartPhone OS' are not much stronger than Sony's

So what do you think… Is it the end of the world as we know it?

BucklingSpring · « **Reply #1 on:** Wed, 27 April 2011, 20:34:45 »

Quote from: ripster;338381

Maybe THAT'S where my Credit Card info got stolen.

Visa didn't particularly seem interested in catching the culprit when I talked to them

They don't make a big deal of it on the phone. But they do their homework...
It really depends what went wrong with your card.

There are so many scenarios – Here's a couple just to name a couple

Dumpster diving to retrieve and steal data for carbon paper (small breach, low interest)
Card cloned while swiped in a compromised sales point. All cards known to have been swiped during the suspected compromised window will be deactivated (still small-medium breach, low interest)
Transactional Internet site compromised, gazillion cards stolen (major breach, high profile – They'll work day and night to track the hack. But the wise ones are often in Russia or China where US have very little reach.

Good old Wikipedia for CC fraud 101

BucklingSpring · « **Reply #2 on:** Wed, 27 April 2011, 21:16:32 »

Quote from: ripster;338417

Main thing with the PSN attack is you better not be using the same password as your bank accounts or you can be royally screwed.

Why not? It is so easyier to remember :-)

Credit card companies are so paranoid... I wouldn't be surprised if they cancell all the cards used to purchase a Play Station.

Ekaros · « **Reply #3 on:** Fri, 29 April 2011, 03:34:42 »

Quote from: ripster;338417

Main thing with the PSN attack is you better not be using the same password as your bank accounts or you can be royally screwed.

Or they could over do it like here in Finland. My bank requires 8 number indetifier+4 number Pin...

And one time usable pin. Still, CCs are less protected, if they don't force using this same system...

Still, CCs are somewhat unsafe, for the services which keep info around...

77Million, it hasn't yet been on web, so I guess it's "professional" job. Quite nice penny for info it has, even if CCs are not usable...

sndstrm · « **Reply #4 on:** Fri, 29 April 2011, 03:44:51 »

Whats funny is that every Xbox360 user is sitting back snickering.

Quote from: Ekaros;339047

77Million, it hasn't yet been on web, so I guess it's "professional" job. Quite nice penny for info it has, even if CCs are not usable...

You mean it hasn't posted on Wikileaks?

Ekaros · « **Reply #5 on:** Fri, 29 April 2011, 03:55:51 »

Quote from: sndstrm;339048

Whats funny is that every Xbox360 user is sitting back snickering.

You mean it hasn't posted on Wikileaks?

Or to piratebay

sndstrm · « **Reply #6 on:** Fri, 29 April 2011, 07:27:33 »

Quote from: Ekaros;339050

Or to piratebay

Eww, that would be ugly. I pretty sure piratebay has been shutdown though.

Ekaros · « **Reply #7 on:** Fri, 29 April 2011, 07:35:59 »

Quote from: sndstrm;339072

Eww, that would be ugly. I pretty sure piratebay has been shutdown though.

It would, but style of Anonymous and some for fame hackers... When did you last check on thepiratebay?

sndstrm · « **Reply #8 on:** Fri, 29 April 2011, 07:43:37 »

Quote from: Ekaros;339075

It would, but style of Anonymous and some for fame hackers... When did you last check on thepiratebay?

Well I know they have been in some pretty heavy legal trouble and heard they were being shut down. When you mentioned it I tried going to it and I get this.

sndstrm · « **Reply #9 on:** Fri, 29 April 2011, 07:55:03 »

Not that I was trying to look up 77,000,000 credit card numbers >=]

Ekaros · « **Reply #10 on:** Fri, 29 April 2011, 07:55:36 »

Quote from: sndstrm;339077

Well I know they have been in some pretty heavy legal trouble and heard they were being shut down. When you mentioned it I tried going to it and I get this.

You got an evil ISP, works perfectly fine here... Certain ISPs and countries block it, free internet, no cencorship...

Only, 2,2M "lost"... Still, I heard the other info might be good...

sndstrm · « **Reply #11 on:** Fri, 29 April 2011, 08:01:56 »

Quote from: Ekaros;339086

You got an evil ISP, works perfectly fine here... Certain ISPs and countries block it, free internet, no cencorship...

I kinda had a feeling that was the problem. I wish I wouldn't have seen that because now it's going to eat at me. I'm an isohunt evangelist anyways!

reaper · « **Reply #12 on:** Fri, 29 April 2011, 17:57:53 »

I don't know if any of you guys have accounts over at DSL Reports web site but they were attacked via SQL injection method just a few days ago. Emails & passwords were stolen.

http://news.cnet.com/8301-27080_3-20058471-245.html

Theres's a link in the article that takes you directly to discussion on their forum.

reaper · « **Reply #13 on:** Fri, 29 April 2011, 19:30:25 »

And then we have this guy selling CC & CCV dumps, skimmers, etc. on this very forum. lol

audioave10 · « **Reply #14 on:** Sat, 30 April 2011, 02:54:46 »

This is not the first time that Sony has screwed-up.

Voixdelion · « **Reply #15 on:** Sat, 30 April 2011, 05:52:35 »

sony is royally pissing me off lately. Now i got email re the xfactor audition registrations at fox - apparently they have also gotten hit too, though the amazing thing is thney didn't hsve much more than email and name anyway. What really irks me about the psn thing is the amount of info that was available for them to steal - name phone address email login pass age dob ... why did sony even need all that for their little game network anyway?

sndstrm · « **Reply #16 on:** Sat, 30 April 2011, 09:06:55 »

Quote from: Voixdelion;339446

... why did sony even need all that for their little game network anyway?

Very good question. They would say something like, "that is the required info for billing purposes". Too bad you cant link the payment to paypal so you wouldnt have your billing info spread to the four winds. But the psn network is supposed to free anyways. Well their basic subscription anyways.

sndstrm · « **Reply #17 on:** Sat, 30 April 2011, 10:15:06 »

Quote from: ripster;339502

My dob is always Jan 1. Gung Hay Fat Choy is my city of birth.

Gung Hay Fat Choy, Alabama

godly_music · « **Reply #18 on:** Sun, 01 May 2011, 18:31:30 »

eBay and Amazon are equally prone to screw up big, so this is not a Sony problem. This is a problem of massive data graves. Since nobody really likes Sony, well, hooray to us.

instantkamera · « **Reply #19 on:** Sun, 01 May 2011, 18:44:41 »

Quote from: BucklingSpring;338379

Apparently Android and other PDA/SmartPhone OS' are not much stronger than Sony's

?

BucklingSpring · « **Reply #20 on:** Mon, 02 May 2011, 05:02:36 »

Quote from: ripster;339318

Time to open up yet another email account for Forum use!

That's the way to go... I love unlimited aliases on paying webmail services.
It takes a split second to create and is live as soon as you click OK.

Then if I ever receive spam at MyGeekhack@whatever.com. I know where something went wrong… :-)

BucklingSpring · « **Reply #21 on:** Mon, 02 May 2011, 05:05:43 »

Quote from: instantkamera;340025

?

Just a matter of time before a major leak makes it to the news.

instantkamera · « **Reply #22 on:** Mon, 02 May 2011, 19:15:14 »

Where is the "apparent" weakness? If you are talking about "tracking data", that isn't really in the same scope, plain-text or otherwise.

BucklingSpring · « **Reply #23 on:** Mon, 02 May 2011, 19:41:38 »

Quote from: instantkamera;340669

Where is the "apparent" weakness? If you are talking about "tracking data", that isn't really in the same scope, plain-text or otherwise.

On the end user side, most phones are not encrypted vaults (Unless hardened). On the Network side, I don't know how Wireless phone companies are managing their central databases.

Ekaros · « **Reply #24 on:** Sat, 14 May 2011, 21:43:47 »

BTW, my PC still works online? How is that consoles "it just works"?

Ease of gaming...

sinis · « **Reply #25 on:** Wed, 18 May 2011, 18:26:19 »

here we go again

Voixdelion · « **Reply #26 on:** Wed, 18 May 2011, 21:22:51 »

Re: NEW security hole/exploit:

Well, duh.

What kind of security fix lets you reset your stolen password with the same information that was already confirmed as being stolen?! 0_o

My nomination for the epic fail/Darwin award goes to Sony this year. Cripes!

audioave10 · « **Reply #27 on:** Wed, 18 May 2011, 23:28:12 »

That video lags like crazy. I'm not crazy about controller movement either. Mafia II on PC looks better (I don't care about AA). Ripster, please, check other PC forums about PC games and hardware. OCN is not the best place to hang out. I only use one video card too.

Voixdelion · « **Reply #28 on:** Thu, 19 May 2011, 02:57:56 »

So it wasn't really a "hack", but it WAS a "hole"... only if you reset the pass through the website instead of from the ps3 directly apparently. But still, I missed the logic train in using personal data which is known to be exposed as criteria for proving your identity. That just seems like a no-brainer to me. I still think this is the fault of trying to mine and store so much information (particularly when it isn't even warranted for those specific purposes.) Sony is a complete cluster **** lately. What happened over there?

audioave10 · « **Reply #29 on:** Thu, 19 May 2011, 09:29:14 »

They are currently busy trying to put 80 year old grandmothers in jail because their grandson downloaded a movie.

BucklingSpring · « **Reply #30 on:** Sun, 22 May 2011, 09:44:19 »

Quote from: Voixdelion;348373

So it wasn't really a "hack", but it WAS a "hole"... only if you reset the pass through the website instead of from the ps3 directly apparently. But still, I missed the logic train in using personal data which is known to be exposed as criteria for proving your identity. That just seems like a no-brainer to me. I still think this is the fault of trying to mine and store so much information (particularly when it isn't even warranted for those specific purposes.) Sony is a complete cluster **** lately. What happened over there?

Technically, you don't need to break or force anything to be considered a hack.
You are "hacking" as soon as you exploit or abuse the system for anything beyond your written rights and privileges.

No matter what, the hacker is exposed to serious legal retributions from the system owner. If a crime was committed, the hacker will also have the law on his back.

If the system owner was negligent at protecting personally identifiable information (PII) or financial data such as credit card information. Then he is also exposed to some major problems such as user class actions and even Federal/States lawsuits.

On the long run, this is going to be an interresting Sony story.
But they have so much money... They can afford to be dumb.

BucklingSpring · « **Reply #31 on:** Sun, 22 May 2011, 13:51:12 »

Quote from: ripster;349802

I laugh at ethical corporate concerns. That's why I own AAPL.
(Attachment Link) 18410[/ATTACH]

ROFL - Did Panda-R hit again? She looks like she might be his daughter.

News:

Author Topic: PlayStation Network hacked, personal information of 77 million accounts compromised (Read 6809 times)