PSN got severely hacked, your personal information was stolen

The Playstation blog announced today the real reason behind the recent PSN outage. Black hat crackers have gained access to the Sony internal systems, and stolen the personal information from all PSN users. The stolen information is the following:

name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained

Even worse, your Credit Card might be at risk

While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

Thank you Sony… I have 2 different credit cards entered in your system, will you pay me back when my money gets stolen?

At least they are (finally) honest about what’s going on.

Unlike what some websites are saying, Anonymous declared they were not related to these attacks

The safe thing to do for now is to change your password on the websites you visit a lot (if, like some people, you have the same password everywhere), and check your bank regularly for suspicious activity.

source Playstation blog via ArsTechnica

  1. NoobSauce’s avatar

    And you’re convinced this is actually what happened?

    I don’t trust Sony enough to consider that the gospel truth about what happened. Isn’t it more likely they shut it down to keep unauthorized people (read: CFW) off the PSN?

    Reply

    1. wololo’s avatar

      @NoobSauce: this announce is really bad for Sony, they wouldn’t tell this if it weren’t true. They will lose customers and lots of money with this announce. They are being honest about what’s happening, which is a really good move for their customers who are now aware of the situation, but clearly not for them. So I don’t see how this could be a marketing move here.

      Now I feel super bad I put my real information in there, for each one of my accounts (I have one per country…)

      Reply

  2. Lukian’s avatar

    Phew, I’m lucky (and don’t use psn) because my father would kill me D;

    Reply

  3. Eric’s avatar

    So, this is what happened. how long till they fix this issue? This could destroy sony if the people who did this uses the credit card info. Would sony give every one the back the money that gets stolen? wow, this sucks… but these guys i have to admit, are very impressive to hack it like this. By the way, This is the first time i posted on here. good work wololo. love the site.

    Reply

    1. Osprey’s avatar

      Credit cards are generally covered by fraud protection through the issuing bank. Visa even has a fraud protection guarantee on every card with their logo. Banks have recourse available to them for transactions reported as fraudulent. Sony can’t do any of those things. So watch you accounts, report anything strange to your bank and many will return funds from fraudulent transactions within 24 hours. No one is going to need Sony to pay them back. Legally, you even have 6 months to notice and report a fraudulent transaction. And considering Sony has said they don’t believe any credit card numbers were compromised, only that they can’t rule it out, there’s no sense starting a panic. Identity theft and compromised passwords are a far bigger concern.

      Reply

      1. wololo’s avatar

        Thanks, this is good to know. I hope Mastercard has something similar

        Reply

  4. Fade’s avatar

    Does this count for PSPs

    Reply

    1. wololo’s avatar

      Yes, whatever way you accessed the PSN, your information is stored the same way, it is a shared account for all devices: PSP, Media Go, QRiocity, PS3,…

      Reply

  5. Eric’s avatar

    how long till psn is back up? could they be rebuilding the entire network for improvement?

    Reply

  6. ranch0076’s avatar

    Is sony done for… ? because this could hurt them very badly….

    Reply

  7. Eric’s avatar

    these hackers got sony by the balls on this one. good luck sony.

    Reply

    1. doppio’s avatar

      The ones who got grabed by the balls are not Sony, are the people who use those services. The hackers just stupidly hurt and panicked a bunch of random people.

      Reply

  8. hiro’s avatar

    luckily I don’t have a credit card attached on my account…

    Reply

  9. d’s avatar

    Err..This shouldn’t affect most people on this site. If you’re here, you’ve most likely hacked your console. WHICH MEANS YOU SHOULD NOT ACCESS PSN!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

    Reply

    1. wololo’s avatar

      I happen to use MediaGo and the Playstation Store to buy my stuff, when Sony does not lock me out of the PSN for various reasons. So yeah, although I haven’t used the PSN in a while (because Sony does not let me), I stil have my private information in there.

      Reply

  10. doppio’s avatar

    “Thank you Sony… I have 2 different credit cards entered in your system, will you pay me back when my money gets stolen?”

    I’m sorry with you wololo, but Sony is not the one owing you for your credit card info. The ones to blame are the fuckin’ hackers who made this just to harm people thinking that can harm Sony. That’s the consecuense of al the hating Sony everyone is so hype about lately.

    Reply

    1. wololo’s avatar

      Sony is the one responsible for securing my information. I of course don’t like the hackers who did that, but in my eyes Sony is responsible for not securing their network.
      If your bank was robbed by hackers, you would question their quality as a bank. You would hope for the hackers to be found and punished, but you would also ask your bank to take measures against that kind of action.

      You probably never worked in computer security, so your view on the company’s responsibility seems incorrect to me in this case.

      Most companies dealing with credit card numbers get attacks on a regular basis, and have appropriate security measure for that. Sony trusted the security of their console too much, and did the mistake a n00b in security would make: trusting the input from the client. This is computer security 101, they definitely need to take the blame for that.

      There’s also problems with their statement about our passwords being stolen. Do they really store our password in clear? are they THAT dumb?

      Reply

      1. doppio’s avatar

        Ok, I really don’t know about security, but in that case there’s no such thing as an invulnerable system. I’m sure you give your info to Sony knowing this can happen (because you know about security stuff). Just don’t blame them for the hating, I’m pretty sure the dumb idiots who stole all that info are not going to be able to use it anyways. Now you and all people are informed and can take measurements, and something tells me the ones taking the info don’t know what they have in their hands or if they use that info they can be found more easy.

        Reply

        1. wololo’s avatar

          Yes, there is no invulnerable system, but there are basic security rules and laws for companies that handle credit card payments.

          How comes the passwords went out? Were they stored in clear? A php beginner wouldn’t do that kind of mistake!

          Credit card information stolen? How is that even possible, this information is supposed to be encrypted. I work for a company that accepts online payments, no employee can access the credit card information once it is stored. There are very precise contracts about such security with Visa and Mastercard, and let me know that if Credit Card information leaked from Sony, Visa is going to ask them to pay for that, and explain their security mistakes. If things go really bad, I also think governments might ask Sony to give explanations.

          So no, when I give my Credit card information to a respected company, I assume some of my private information might leak in case of a hack such as my address and my birthday, but not my password or my credit card information. The fact that they announced that it might be possible people have had this information really makes me wonder about their security systems, and how they actually handle people’s privacy.

          If a hacker could get my credit card info and my password, how can I be sure that a Sony employee didn’t access this information too? This shouldn’t even be a possibility.

          Reply

          1. equis’s avatar

            In fact, US government is making the firsts questions to Sony about this security breach: senator Richard Blumenthal is criticizing Sony for this problem and asking for responses in the system to SCE president, Jack Tretton. Even the firsts rumors about misuse and fraudes are circulating in internet. So, be careful with your credit card information, and check your bank account frequently.

  11. akai1987’s avatar

    Sony gets more enemies day by day. :-) Maybe, it’s a sort of protesting or something.

    Reply

  12. Eric’s avatar

    I hacked my psp, but not my ps3 because im brand new to it (got it this christmas) so i decided not to hack it right away. and this is what people get for not hacking their consoles…

    Reply

  13. jake’s avatar

    urg i wonna play games online! !@#$ you guys im going home….

    Reply

  14. Lejam987’s avatar

    After all that happened to Sony…will this be the last blow, ’cause it’s a grab to the nuts.

    Reply

  15. RockingWellTibbers’s avatar

    I’m sure this happen. Anonymous rejecting the cause? Psh, you *do* realize that anonymous is just bunch of random people in IRC, supporting the threat against Sony. Thus, the “hacker” is obviously apart of anonymous because you cannot really define who anonymous are.

    Wake up and smell the coffee :D

    Screw Anonymous and those who support it. I feel bad for Sony situation. And just to show you, I only have a PSP-1001 that I haven’t touch in years. I just happen to play Wagic a lot :D

    Reply

    1. wololo’s avatar

      as I told on other forums already, if Anonnews doesn’t mark the act as an “Anonymous” act, then it’s not.
      It is a loose organization, and the only thing they can really do is put an “Anonymous” label on some stuff that happens. When they don’t put such a label, it means it’s not one of their acts, by definition.

      Even if the hackers have been involved with other anonymous actions in the past, this specific action is not labeled as “Anonymous”.

      Put in other words, the fact that you work for company X does not mean that your posts on my blog represent Company X’s opinion, not even that you intended to post in their name.

      Or another example, my work on Wagic is not a Greenpeace product, even if I went to an anti-nuclear protest last week. (not that this happened, but you see the point)

      Reply

      1. doppio’s avatar

        I think people related to the annonymous attacks are responsible for this, but obiously they are doing it by themselves and not declaring it an annonymous (group) thing. No need to be sherlock holmes to figure this is a consecuense of all the Sony hating annonymous (group) fueled that time.

        Reply

        1. equis’s avatar

          Hard to say that. But the problem is that your way of thinking about the problem could be spreaded…

          Reply

  16. juan321’s avatar

    damn i think hack a firmware, a psp or a ps3 isn’t bad because we have all the right to play our backups o some homebrews but hack the psn that sucks if sony bankruptcy we will never have the NPG or new games i’m in disagree with this hackers fu*k them :/

    Reply

  17. TMMDI’s avatar

    I’m glad I use Steam instead of PSN, but yeah I feel for you guys who have your information stored in the PSN.

    Reply

  18. madman158’s avatar

    “After days of speculation, Sony has confirmed that PlayStation Network and Qriocity were infiltrated and personal details, including credit card data, was compromised. The system was hacked three full days before Sony shut down PSN access. The official announcement comes only after Democratic Senator Richard Blumenthal publicly chastised Sony for it’s slow response to the problem. It is also interesting to note that they waited until after the press conference for their soon-to-be-released PlayStation tablet and after the stock market has closed.”

    I bet Bill Gates is having a party over this.

    Reply

  19. hackerspawnedsony’s avatar

    thats why SONY, MICROSOFT,squre enix and even facebook is hiring hackers.. because they know hackers these day are far more way better than their programmers and developers and their so scared that one day their security will be breached.. with hackers by their side, no one will sabotage their products..

    LONG LIVE HACKERS…

    Reply

  20. Tonch’s avatar

    The other thing I’m wondering is why I haven’t received an email or any other communication from Sony telling me that my hypothetical street address and credit card information was stolen.

    That seems like kind of an important thing to do.
    If I wasn’t up on gaming news all the time I would never have known unless I tried accessing the PSN and looked up why it wasn’t working (I haven’t connected my PSP to it ever since I put HBL on it).

    Reply

  21. Mitch’s avatar

    SHIT NOT COOL =( at least i dont use a credit card on it

    Reply

  22. MarkMG’s avatar

    Well it has a common component used by any cheap politician since the beginning of times (and a popular one lately)… the name is FEAR.

    To me this is just some bullsh*t to turn ppl against the hacker community and cause fear and confusion, that’s how you turn a big bunch of free ppl into slaves ;D.

    It would be funny that they went as far as to abuse the information just to prove their point and blame others for it. Just my two cents, if i’m wrong then i apologize and rectify, they’re not liars, they’re just stupid, Lol.

    Reply

    1. doppio’s avatar

      Sony cannot do that. If they said there was an attack then it should be true. Your comment just fuels all the conspiracy theorist out there and the Sony hating. You are the one creating fear like a politician.

      Reply

  23. MarkMG’s avatar

    Wololo… ;)

    Reply

    1. MarkMG’s avatar

      Oh geez sorry this got sent separately, just thanks for letting us all know about this things Wololo, and ppl, keep your eyes open, but not enough to believe all they see ^^.

      Reply

  24. Rob’s avatar

    I am very concered because my best friend I let him watch netflix on his ps3 and we share th account now im concerned do they have my vreit card info?

    Reply

  25. man_of_power05’s avatar

    this makes all hackers look bad…

    Reply

  26. bluesora98’s avatar

    wow…Sony is going downhill, real hard-first,6.20 hen was released givving a lot of life to the homebrew community. and anonymous attack.then 6.38 exploit found.and let us also not forget ps3 being hacked.and now psn got pwned
    Sony is really having problems NOW…

    Reply

  27. boytellunews’s avatar

    ITHINKIKNOWHOHACKEDPSN

    Reply

  28. axel’s avatar

    this problem is very big for Sony…

    Reply

  29. A’s avatar

    SONY ESTO, SONY AQUELLO, MMMMMMMMMMMM
    WHATS ABOUT THE COSTUMERS

    Reply

Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>