By using this site, you agree to our Privacy Policy and our Terms of Use. Close
Kasz216 on 04 May 2011
Edit Thread
Pristine20 said:
Mirson said:
Pristine20 said:
Mirson said:
Pristine20 said:

What amazes me most about all this is how many are already acting like their info as stolen and I bet their facebook pages already has all said info as wel and chances are they also have lots of people as "friends" that they dont realy know. Drama queens...

l

Yeah, I'm sure facebook pages have home addresses, e-mails, passwords, bank account numbers, cc, and other info for the public to see. Also, you're forgetting that not everyone who are at risk have a Facebook account.

Anyways, corporations have a duty to keep customer's information secured, and they must notify their customers in a timely matter whenver a breach occurs. Sony, on the other hand, took about a week to notify their customers, and they barely found that SOE was affected as well (almost two weeks since it happened).

Pretty sure PSN doesn't use bank account #s either. And yes, facebook potentially has all the other info. You'd be surprised how many use their birthdate as a password.

About the week notification, judging by the nature of people's response, I'd say sony was justified in waiting a week. You know why? Lots of tin foil hat wearers tend to panic for no reason. You can't release such info till you're absolutely sure that's the case. People were mad at the JP govt for withholding info on the extent of the radiation leak at fukushima. I understood why the JP govt did it when I heard of people hoarding KI in California.

I may seem like a sony bot to you but I actually agree that sony f'd up if they really didn't fully secure the data but I'm not sure what is truth from what's a rumor anymore. I also read a min ago that SOE had just laid off 200 people the week of the hack so chances are that it could be an inside job. If thats the case, I dont think any security software would've made a difference.

The most important thing is to take every situation for what it is instead of blowing it out of proportion. Is there any news of fradulent activity on anyones CC related to the breach as of this moment? No. Is there any news of I dentity theft related to the breach (IDK how this one would even be possible w/o an SSN which sony doesnt collect)? No. So why are people acting like they got robbed already?

So you're saying that Sony waited a week to notified their customers because people would panic? Notifying them a week after the attack only hurts Sony because it shows how slow they are and how little they care about their customers. And the fact that they barely found out about the SOE breach, almost two weeks after it happened, is embarrasing.

The SOE hack had bank account numbers in there. Not sure if they were encrypted, but Sony has confirmed that most of the data from PSN was unencrypted, except for the credit card numbers. But then again, you can out a new credit card with such information. I don't remember providing my SSN when I applied for a credit card from a major cc provider.

Identity theft victims don't tend to realize they've been a victim until a few months after their identities being stolen. It takes a few months until the damage is done, and some companies don't require your SSN to take out a loan or get a credit card. They have every right to be worried.

- PS3, PS2 & PSP owner
- Forensic course taker

I did not say Sony waited because people would panic. I said I think they were justified for waiting when they weren't sure. That's my view based on how people have responded to this situation. i'm not sure of the details of the SoE hack as that one hasn't been of any concern to me since it doesn't really apply but if it's true that they have stated that that hack was at the same time as the previous one....could it possibly be that it was only discovered now because workers had been diverted to PSN?

There are always 2 sides to a story and multiple possibilities. Why should they be embarrassed that their hackers were very skilled?  You see it as Sony's security sucking, I see it as some A class hack attack. High security banks have been robbed in the past and the perpetrators never caught...what gives? These guys hacked an internet security firm....the type that provides the kind of software sony uses (Anonymous hacked Hbgary....I make this statement under the assumption that Anon or a group at least as skilled as them is responsible for this). Did you read the latest? Apparently, the FBI and the security firms Sony hired dont even have the tools or know how to track the hackers.

What am I saying? While you may believe that corporations should be or are somehow impregnable because they're huge, I simply see them as entities with lots of individuals working together with room for error moreso sometimes than even smaller businesses/companies. I've worked for one too and could've screwed stuff up. Chances are the hackers are more knowledgable than sony's employees too and that shouldn't come as a surprise as these people are trying new things everyday while sony's employees have to follow SOPs.

Never heard anything about bank acount #s in the SoE hack. This is what I've read and it says nothing of bank accounts: http://kotaku.com/#!5797858/more-than-12700-credit-cards-stolen-from-sony-online-entertainment. Perhaps you could provide a link?

Sure they have a right to be worried but i still think people are being overdramatic. At the worst case, the hackers still have to choose you from millions.I have all my info there too and the only thing I care about is when I can get back to killzone 2. I'm the type who worries about "risks" after they happen not one who victimizes himself based on speculation. Maybe just a case of different philosophies. Thing is, many who worry about this issue with sony would probably shop online today or fill out some form online and said info could be stolen by hackers too.  Hell you could give your card to a cashier to swipe at a store and they could memorize your CC number , combine that with the info you already gave and they have a spending spree (I worked in a pharmacy...yes, we take all your info when we fill your prescriptions and I swiped cards for people too...Wont have been hard to be a crook).

The only way to be 100% safe from identity theft will be to move back to the stone age. At the end of the day, you just have to live and let live.

So... I'm guessing you haven't been paying attention to the recent threads where Sony says they were hacked through a generally known vulerability that they weren't aware of... and the House testimony that suggests they were using unpatched servers without firewalls.

http://www.tomsguide.com/us/PSN-Hack-Exploit-Data-Theft-Credit-Cards,news-11050.html

and

http://arstechnica.com/tech-policy/news/2011/05/house-hearing-blasts-sonys-half-hearted-half-baked-hack-response.ars

respectivly.

From that information it sounds like, you or I or any other computer competant person could of hacked Sony... due to Sony not knowing something that had been known by most other people... for months... and could have been informed, just by joining the mailing list... or just going to the website and noting the update.

It's like being mad that someone got a virus on your home network because they didn't update their anti-virus software after installing it.