o_O.Q said:
when was it confirmed that credit card info had been stolen? as far as i know it was only ever confirmed that it may have been stolen |
the closest thing would be http://www.guardian.co.uk/technology/blog/2011/apr/29/playstation-network-hackers-credit-cards not 100% confirmed but likely.
@TheVoxelman on twitter
zarx said:
As for forcing password changes that was happened when the forums were brought back online, steam accounts themselves weren't compromised. |
As I said, they took down the PSN to do a further investigation into what had happened, instead of investigating while the service was still up, which is worse. And as pointed out by that article, it took 4 days to announce the problem, like with Valve, and both didn't know the full extent till a few days later. So really, Valve has no pluses for their actions.
And are you ignoring what people are posting? This is from 2 articles from the 11th:
'Valve's investigation of that incident revealed that the "the intrusion goes beyond the Steam forums".' - Source
"Valve boss Gabe Newell confirmed that an investigation of the security breach revealed that the hackers also managed to access a Steam database which contained usernames, games purchased, email addresses, hashed and salted passwords, billing addresses and encrypted credit card information." - Source
This goes beyond just the forums. And they are still investigating to figure out the full extent of the attack. My guess is they are keeping Steam up so they won't have to worry about getting a bad name and hearing people bitch about not being able to access their games.
| thismeintiel said:
As I said, they took down the PSN to do a further investigation into what had happened, instead of investigating while the service was still up, which is worse. And as pointed out by that article, it took 4 days to announce the problem, like with Valve, and both didn't know the full extent till a few days later. So really, Valve has no pluses for their actions. And are you ignoring what people are posting? This is from 2 articles from the 11th: 'Valve's investigation of that incident revealed that the "the intrusion goes beyond the Steam forums".' - Source "Valve boss Gabe Newell confirmed that an investigation of the security breach revealed that the hackers also managed to access a Steam database which contained usernames, games purchased, email addresses, hashed and salted passwords, billing addresses and encrypted credit card information." - Source This goes beyond just the forums. And they are still investigating to figure out the full extent of the attack. My guess is they are keeping Steam up so they won't have to worry about getting a bad name and hearing people bitch about not being able to access their games. |
No it took Sony 4 days to announce the hack claiming they were bring down the service to fix damage, it took a week to let people know that information was comprimised which was the important thing so people could take steps like changing passwords. Hence the difference.
I never denied that things other than the forums were comprimised just that so far Steam accounts themselves were not comprimised or at least there is no evidence they were, just the forum accounts. Hence why they haven't brought down Steam not that there would be any advantage to bringing it down anyway the damage has been done and they already brought down and rebooted the point of attack.
@TheVoxelman on twitter
zarx said:
No it took Sony 4 days to announce the hack claiming they were bring down the service to fix damage, it took a week to let people know that information was comprimised which was the important thing so people could take steps like changing passwords. Hence the difference. I never denied that things other than the forums were comprimised just that so far Steam accounts themselves were not comprimised or at least there is no evidence they were, just the forum accounts. Hence why they haven't brought down Steam not that there would be any advantage to bringing it down anyway the damage has been done and they already brought down and rebooted the point of attack. |
Yea, and it took Valve 4 days to say they were hacked, as well. Then it took a day more before they realized that more vital info may have been compromised. Plus, they are still investigating. It could turn out worse than they thought. Point is, the timeframe isn't that different from Sony's.
The advantage of taking it down is to investigate everything without extra activity, while at the same time implementing new security measures to make sure it doesn't happen again. If they aren't going to do that, what's to stop hackers from doing it again? And of course some Steam accounts were comprimised. The hackers used info they got from the forums to hack into an actual Steam database with credit card info and billing addresses. That info is not required from you when you join a forum.
Shinobi-san said:
I agree that the companies are also victims....but consumer anger is well justified. These companies ask consumers to entrust personal and confidential information to them, under the pretense that they are able to secure that information. Or at the very least adhere to the bare minimum standards in security mechanisms. In Sony's case they didnt even do that. If companies are gonna require information from consumers, they need to be able to secure it. And if they dont, then consumers should be angry. After all, in such cases consumer trust is so important....which is why sony themselves made a pretty big deal about it as well as the big public apology that came afterwards. Im pretty sure they new that they messed up and deserved the backlash from consumers. |
The only thing Sony did wrong was to not to inform there customers of the situation sooner as soon as they suspected a breach PSN should have been locked up, the same goes for Valve. truth be told your personal information is not safe anywhere online and there was no proof that credit card information was stolen then used only circumstancial evidence. I agree that company should have the duty to look after and completely secure your details but it's always going to be aloosing battle online.
As for personal information other than credit card numbers if people want your information they can get it, most of us have facebook and we link our facebook up with different accounts across the net with a little effort from someone with the know how and we can't hide anything! At the time of the Sony hack there were a number of other security breaches over the net within the space of two weeks my user information was lost by 4 seperate companys.
The people we should be slamming are the hacking groups that make it there duty to steal it!
I'm not trying to defend any single company over these problems there all as guilty as each other but we have to put in to context the severity of the situation both Valve and Sony had to say CC info was a risk because they could 100% guarantee it, the press are the ones that hyped up the situation
thismeintiel said:
Yea, and it took Valve 4 days to say they were hacked, as well. Then it took a day more before they realized that more vital info may have been compromised. Plus, they are still investigating. It could turn out worse than they thought. Point is, the timeframe isn't that different from Sony's. The advantage of taking it down is to investigate everything without extra activity, while at the same time implementing new security measures to make sure it doesn't happen again. If they aren't going to do that, what's to stop hackers from doing it again? And of course some Steam accounts were comprimised. The hackers used info they got from the forums to hack into an actual Steam database with credit card info and billing addresses. That info is not required from you when you join a forum. |
You miss the point they brought down the forums while they investigated as that is where the attack was targeted so there is no benefit in bringing down the Steam service it's self. The database that was accessed was linked to the Steam account list but didn't contain the Steam account passwords etc which is why they haven't asked people to change their Steam passwords unless it's the same as the forum password. Not everything is in one database, they do know that the databases with forum passwords etc was comprimised and that the database containing financial reccords (including credit card info) tied to steam accounts was accessed but there is currently no evidence of what if anything was taken from said database but given the time that the hackers had access and the other activities probably not a lot could possiby have been taken according to some analyst I read. Not like the multi stage attack on Sony.
It is bad but it's still nowhere near the Sony attacks yet
@TheVoxelman on twitter
d0nni3 said:
As for personal information other than credit card numbers if people want your information they can get it, most of us have facebook and we link our facebook up with different accounts across the net with a little effort from someone with the know how and we can't hide anything! At the time of the Sony hack there were a number of other security breaches over the net within the space of two weeks my user information was lost by 4 seperate companys. The people we should be slamming are the hacking groups that make it there duty to steal it! I'm not trying to defend any single company over these problems there all as guilty as each other but we have to put in to context the severity of the situation both Valve and Sony had to say CC info was a risk because they could 100% guarantee it, the press are the ones that hyped up the situation |
Its a grey area.
Hacking groups are obviously to blame and are obviously the main issue. But i stil feel that consumers are entitled to throw some anger at the companies as well.
I dont know much about the Steam hacking yet, but ive done a fait bit of research on the PSN hacking, and i feel that the security mechanisms in place wernt up to scratch. As for how much this matters? Probably not very much.....a professional and dedicated hacker group will find a way to get access to something, irrespective. But like i said, the least companies can do is use standard security mechanisms thats accepted in the ICT industry.
Also i have no issues with the timing of the public been told, or how either company has handled the situation. Theres only so much that can be done in a situation like that, and i think they did everything apart from finding the culprit and re acquiring the info which is practically impossible.
pezus said:
That's bollocks, I'd be glad to reconsider if I saw any evidence of credit card info being stolen. |
I think the closest we got to confirmation was when Patrick Seybold released a statement saying "credit confirmation probably was comprimised". I guess it wasnt confirmed but i think its safe to say that we should all assume that it was?
Personally I'm not really sure until I hear something new on the matter directly from Valve. Free games would be nice though. :D
The intrusion comes at a bad time for Steam, which is not only premiering a major title — Bethesda’s “Elder Scrolls V: Skyrim” — Friday, but is also facing long-term challenges from Electronic Arts’ Origin service, cloud gaming service OnLive and an as-yet-unreleased online service from retailer GameStop.
Bad time indeed.
About Us |
Terms of Use |
Privacy Policy |
Advertise |
Staff |
Contact
Display As Desktop
Display As Mobile
© 2006-2025 VGChartz Ltd. All rights reserved.
