Support NeoGAF

[Ranger X]

So how does this not concern people using PSN?

Isn't PSN handled by SOE ??

 

[geebee]

Shit, Sony is being hit hard.

 

[Salaadin]

What's the normal expiration time on credit cards?

Mine says 2012 and I got it last year I think.

Seems they only extended the search to SOE recently when they shut down the servers. (yesterday?)

They must have found something on the initial investigation leading to this.

My debit card that I just received a few hours ago expires in 2014

 

[desh]

How do I check to see what information I had on my PSN account. I think I only set up the account, I don't know if I actually did anything with it.

 

[notworksafe]

So how does this not concern people using PSN?

Isn't PSN handled by SOE ??

No. SOE is it's own division. PSN is handled by Sony Computer Entertainment.

 

[Ferrio]

I can't think of a single reason as to why I should let Sony handle my personal info after this.

I can, after this you'd be damn sure their security is up to snuff.

 

[xelios]

Well...Sony does. That's why they are telling us exactly how many were taken.

Yeah, they do. A long time afterward judging from this. New stuff keeps coming up. Ever heard of being proactive? Seems like common sense to me for anyone to change their card #s over this. It's not that big of a hassle tbh.

 

[Gospel]

i heart u sonny

 

[Jinfash]

.

Oh, ok, so this breach was part of April's attack, but was discovered less than 24 hours ago. That sure won't dispel any of the bad press, it'll just make it worse.

 

[BeeDog]

Maybe it would be wise to put up a disclaimer in the OP that Free Realms players should be extra cautious.

 

[V_Ben]

No. SOE is it's own division. PSN is handled by Sony Computer Entertainment.

It was designed by SOE though, if I remember correctly. Probably why both were hacked in the same intrusion. Proof that you don't let the brains behind Star Wars Galaxies design your console's online infrastructure.

 

[Loudninja]

Oh, ok, so this breach was part of April's attack, but was discovered less than 24 hours ago. That sure won't dispel any of the bad press.

Really who excepts someone to go after 5 year old dated? I pretty sure they check the never data first.

 

[Darklord]

I don't even know how the to check when I played an SOE game or what card I used. Fuck these cunt hackers and fuck Sony who being so incompetent.

 

[Ranger X]

No. SOE is it's own division. PSN is handled by Sony Computer Entertainment.

Ok. I hope SCE will also inform us about he possible credit card leak. I am waiting this info before cancelling my card.

 

[V_Ben]

Maybe it would be wise to put up a disclaimer in the OP that Free Realms players should be extra cautious.

Data was stolen from a database that was pre free realms. Their data hasn't been stolen (that we know of). Free Realms was released in 2009.

 

[xbhaskarx]

Americuh fuck yeah

 

[Hanmik]

could someone please describe SOE and PSN's relationship?

 

[BeeDog]

Data was stolen from a database that was pre free realms. Their data hasn't been stolen (that we know of). Free Realms was released in 2009.

Our ongoing investigation of illegal intrusions into Sony Online Entertainment systems has discovered that hackers may have obtained personal customer information from SOE systems. We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack. Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.

Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) and about 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain may have also been obtained - we will be notifying each of those customers promptly.

Maybe I'm just misreading, but it implies hackers may have aquired hashed passwords, e-mails and other personal info just like in the main PSN case. And on top of that, the old 2007 database info.

 

[notworksafe]

could someone please describe SOE and PSN's relationship?

None, really. They are both part of Sony but are different divisions.

 

[AndyD]

Apart from the
bit, the press release is very US centric, which is odd to me, as the important bit of this, in my opinion, are these 12,700 credit cards.

The thing is they are from 2007, so virtually all would be expired by now. I have never had a card last me more than 2 years before it expires.

 

[V_Ben]

Maybe I'm just misreading.

Ah, right. People who have played SOE games, might have had their personal info stolen, but if their credit info doesn't fit the description, then their card details are safe (for now?).

 

[notworksafe]

I don't even know how the to check when I played an SOE game or what card I used. Fuck these cunt hackers and fuck Sony who being so incompetent.

Most cards expire within 2-4 years. Unless the card you used to play an SOE game was brand new at the time I don't think you have to worry.

 

[Darklord]

Most cards expire within 2-4 years. Unless the card you used to play an SOE game was brand new at the time I don't think you have to worry.

I don't like the idea of my name, address, email address, gender, birth date and phone number being out there either.

 

[Zeouterlimits]

The thing is they are from 2007, so virtually all would be expired by now. I have never had a card last me more than 2 years before it expires.

Mine lasts 4 years. 2007 + 4 = 2011. It would still be effect.

 

[notworksafe]

I don't like the idea of my name, address, email address, gender, birth date and phone number being out there either.

Does your area have a local phone book? Do you use Facebook/MySpace/whatever?

One also assumes this CC info was encrypted in the same manner as PSN's info.

 

[Darklord]

Does your area have a local phone book? Do you use Facebook/MySpace/whatever?

Kinda different being in a phone book to having a group of hackers collect it all.

 

[notworksafe]

Kinda different being in a phone book to having a group of hackers collect it all.

Just saying all of that info isn't difficult to obtain and you should probably assume it is out there already from other sources.

 

[spwolf]

Maybe I'm just misreading, but it implies hackers may have aquired hashed passwords, e-mails and other personal info just like in the main PSN case. And on top of that, the old 2007 database info.

they got hashed passwords? damn it.

 

[x3sphere]

I'll be surprised is SCE ever lets SOE near PSN again after this, except to publish the odd thing. They can't do any damage that way.

It's not SOE's fault... they have practically nothing to do with PSN.

 

[ElRenoRaven]

I think we can all officially agree now that the people in charge of Sony's online security are total fuck ups who should be fired. Every single one of them.

 

[Hanmik]

but free realms and dcuo are on PSN, maybe the servers are the same as on PC, and that is how this happened ??

 

[Metalmurphy]

they got hashed passwords? damn it.

You know that's close to worthless right?

but free realms and dcuo are on PSN, maybe the servers are the same as on PC, and that is how this happened ??

Do you need to create a SOE account if you play them on the PS3 or does it use ur PSN info?

 

[Dresden]

I think we can all officially agree now that the people in charge of Sony's online security are total fuck ups who should be fired. Every single one of them.

They'll fall on their swords.

 

[notworksafe]

they got hashed passwords? damn it.

Aren't hashes one way? Could a hacker even do anything with that?

 

[V_Ben]

It's not SOE's fault... they have practically nothing to do with PSN.

I'm pretty sure they helped build it... I'm a bit fuzzy there though.

 

[railGUN]

Has Sony said whether the password hashes are salted?

 

[Dabanton]

Oh dear...

 

[Metalmurphy]

Has Sony said whether the password hashes are salted?

No.

 

[CrunchinJelly]

Most cards expire within 2-4 years. Unless the card you used to play an SOE game was brand new at the time I don't think you have to worry.

But when a card expires the new one has the same number as the old one. All that changes is the valid from and to.

 

[Dedication Through Light]

I thought it says may have been stolen?

 

[Commanche Raisin Toast]

so it took place the same time as the PSN attack, yet some news sources say that they don't believe they are related until sony can prove it.

that would be SOME coincidence. sorry.

 

[SafeinSound]

Hahahaha, oh Sony...

 

[Arzehn]

When they say non-US... what about Canada?

 

[JonathanEx]

so it took place the same time as the PSN attack, yet some news sources say that they don't believe they are related until sony can prove it.

that would be SOME coincidence. sorry.

It's not so much same time, but same attack. Remember the PSN hack was dated as between 17th and 19th April - hackers had plenty of time playing around in Sony's systems.

...I think. Sony's statements are as HELPFUL AS EVER. Correct moi if wrong.

 

[notworksafe]

But when a card expires the new one has the same number as the old one. All that changes is the valid from and to.

Last time mine expired I got a new number (it's a Visa). Is that not how every CC company works?

 

[Mario]

I don't recall ever playing a SOE-developed game. Well, except for Gripshift, which they published. Am I safe in that case?

The purchase of GripShift was completely handled through PSN, so your credit card info is "safe" (PSN breach notwithstanding).

I assume this relates to subscription based, quite possibly just the PC stuff (he said without properly reading the article).

 

[Kyoufu]

Final nail in the coffin for SOE.

 

[Commanche Raisin Toast]

It's not so much same time, but same attack. Remember the PSN hack was dated as between 17th and 19th April - hackers had plenty of time playing around in Sony's systems.

...I think. Sony's statements are as HELPFUL AS EVER. Correct moi if wrong.

right, im saying i think they were both coordinated attacks from the same source, and technically should be considered one attack. i don't see any reason to believe that it's coincidental separate attacks from different sources is what im saying.

 

[BeeDog]

The purchase of GripShift was completely handled through PSN, so your credit card info is "safe" (PSN breach notwithstanding).

I assume this relates to subscription based, quite possibly just the PC stuff (he said without properly reading the article).

Thanks for clarifying this.

Spoiler

Psst, you never released the Shatter patch with the PC-specific additions.

 

[Loudninja]

I thought it says may have been stolen?

Yep it did, its right in the OP.