I've just checked German and Irish laws, and while I can't find anything about the home situation, my second citizenship in Germany makes Sony perfectly suable should my data be compromised due to §42a if the federal data protection act. It states that Sony should have notified customers the moment they had cut access to that data off - meaning the 19th, in this case, when the servers went offline.
At least the law is on our side here.

Yup I may have been compromised as well and i've already taken appropriate precautions. Gone to the bank today and talked to financial adviser who said if I didn't need my debit/CC for anything that I cancel it and get a new one. Taken the liberty of canceling my current one and having a new one issued. I've also changed the password on my bank account to a new one as an added precaution incase the hackers try to get their hands on the cash. As a third precautionary measure I have separate accounts and have my Debit/CC linked to just 1 then filter money into that one in case of something like this happening.

Also wanted to come in and say some of you disgust me with your posts. Sony is indeed at fault, but you need to remember the primary person at fault here is the hacker for committing the crime. Sony didn't open up it's doors and say "Mr. Hacker please come take this information from us" deciding to blatantly screw over their customer base. That hacker is the one that went into the system and potentially stole the information and is the one that needs to garner your hatred, ire, angst, anger, etc... . I am going to say kudos to Sony since they understand they F'd up and are trying to fix the problem.

If some of you want to sit around and whine about it fine I hope you get your stuff stolen. As for me and the others out there we are going to do something about it and properly protect ourselves. Also for you microsoft people I say get out and go play your stupid system and sit in whimsical bliss that believe you are 100% from ever having your crap stolen.

/end post/statement

Well sony's main problem is they had little to no security on the personal info.

Basically there was a keypad(With a long sequence unlikely to be broken, until that Geohotz fiasco), and beyond that there was http://www.vgcats.com/comics/?strip_id=302. Almost everything was in plaintext...no security measures for accessing the data, and they didn't even notice the intrusion til a few days after the fact. That's some bad security practices right there.

Another fine example, but the "ideal" solution is not much more intricate - it's just that you need a pair of special glasses to read those pages there, after you broke the padlock.

In the case of passwords, the ideal solution is never storing the passwords at all. There's a box you can put a password in, and if it's right, it'll go green, otherwise it'll go red, but there's no way to get the password out of it.

so did this guy actually "suffer a breach of security"?

from the same article...



So it was encrypted. There "plaintext" probably showed:

(ex.) XXXX XXXX XXXX 6249
exp. date: 06/14

John Smith
Whogivesa[censored] Lane
Nowhere, New Nowhere
847563
(or F3D 7A5 if your a fellow Canadian. I don't know what other countries use as postal/zip codes. I just figured the majority of the forum-folk were American.)

So I think were safe. And I'm pretty sure Sony said they didn't get the CCV number, if they even ask for that. some people companies/businesses don't.


"Very sophisticated" my [censored] ass. you trying to tell us the hackers have access to "more sophisticated" technology in order to hack it than your "very sophisticated security system"? Oh, right, I'm sorry, they termed it as "malicious".

source: http://www.cbc.ca/news/technology/story/2011/04/28/technology-sony-playstation-data-breach-lawsuit.html

I don't have a PS3, but I have a PSP that I download PS1 games from PSN to from time to time. It's good to know that the credit card data was encrypted, but why the HELL wasn't the other personal data? Guess I've got to brace myself for about a hundred e-mails advertising "Pills from Canadian Pharmacy!".

No, they have purely found a way to get through. You don't need to be more sophisticated but, indeed, malicious. Word from the CCC here is that it might have happened through access to a top-level e-mail account, from which they send out a trojan. That is malicious and can break a system at the right time, say, when a holiday is about to start.

Like Easter

Got my email today. I didn't put any credit card info to my PSN account, do you figure I'll be okay?

I was impressed, the email was tailored to me - it had all sorts of steps I should take and what my state's laws can do for me. A lot of something about a security freeze I could put on my bank account, but I don't need that if I didn't give PSN my credit card info, right?

But, I did put my real name, address, and b-day to my PSN account. No suspicious emails so far....

Alaisiagae, change your passwords anyways, not only to your PSN account, but to your e-mail account it's registered to as well if it's anything similar.

Can't remember my PSN account, I haven't logged on in months. I don't use the same password for it and my email, I know that much.

Looking over my registration email again, I only gave my PO box address, not my physical address. I guess that's good.

You did well. Thank flying spaghetti monster you didn't need your fricken SSN or equivalent.

Damn, I'm rather glad I haven't gotten a PS3 just yet. I may still get one, but I'm definitely going to double my efforts to remain as anonymous as possible in the network, just as I should with any other major network. I'm not going to blame them, since no company is 100% protected against potential threats. No matter the level of security, there's always a way to get around it. :shrug:

I hope nobody's information is used with any malicious intent against their own will, and I also hope this particular type of attack never occurs again, since Sony should now know how to guard against it.

I'll have to contact my stupid isp to reactivate my email account so I can my passwordnb surf wv vv wv q

They have a wierd system of making a master account whenever you move and deactivating the old one without notice...
Only problem I can forsee is having to make a new subaccount and thwn changing the username/email name that some sitea require and can never change

I agreed with the "wv w wv q" part.

Love thw droid

I know, same here, [censored]



How do I do this without being connected to PSN, can I still do this just with the internet access.

No, but apparently, when PSN comes back online it'll ask you to change your password before you can log in. Or the update, I'm not sure which'll come first.

I'll be honest, I wasn't terribly concerned about this anyway, and I just realised that my card expires at the end of the month so I'll be getting a new one anyway.

lol gtfo hackerz.

I believe the proper word is "haxx0rz".

Can you sign onto PSN via the official Sony Playstation website? It's easier for me to type on a keyboard than with the PSP.

This must be a nightmare for Sony.

Yes you can, you can register on it and so forth as well.

More info:


http://www.wired.com/threatlevel/2011/04/playstation_hack/?

So if you reuse your passwords across multiple services now would be a good time to change it on other services.

Some official information when it is supposed to be back up:

http://www.wired.com/gamelife/2011/04/playstation-network-restore-date/

Alright thanks.