
Approx 12,700 non-US customer card numbers and expiration dates stolen from SOE

jorma

is now taking requests
yeah i bet mine is one of those 12k cc's, i vaguely remember trying to update the US store with my new CC and finding out it no longer accepted my euro visa card.

*Phew* in that case.
 

Zoe

Member
jorma said:
yeah i bet mine is one of those 12k cc's, i vaguely remember trying to update the US store with my new CC and finding out it no longer accepted my euro visa card.

*Phew* in that case.

PSN or SOE?
 
Captain Tuttle said:
Microsoft spent a billion and a half dollars extending a one year warranty to 3. And they gave you a free month of Live if/when your machine died.

No bow though.

I'd argue that selling faulty hardware and being the victim of a hacker assault aren't on the same moral standpoint. Sony screwed up, for sure, but there's nothing fraudulent in their behaviour.

Also, if Microsoft didn't go for an insurance/warranty solution, they would have been pretty much open for a class action that would have killed the console no matter the outcome.

It's sort of apples to oranges, really.

I still think people are way too harsh with Sony. If a group of motivated hackers want to pull something like this, there's nothing you can do to stop them. And if you're actually after the money, this is NOT how you do it. Getting something out of this will be nigh impossible. Banks are alerted, insurances are active, consumer awareness is through the roof - this kind of crime, to pay, needs to fly under the radar.
This entire situation is, in my opinion, absolutely about the recent anti-hacker stance Sony took, and it's fundamentally about making Sony look as bad as possible. The people stealing this data know they painted a target on them. They won't be stupid and use it.

It should also be noted that if security codes weren't leaked, then the cards are "safe" in terms of online usage (still possibly prone to cloning, tho, for store scams).
 

sun-drop

Member
are the soe and psn systems in any way connected technically speaking?

if not .... i'm wondering if this wasn't an inside job, an ex employee leaking a password or info etc ...
 

Zoe

Member
sun-drop said:
are the soe and psn systems in any way connected technically speaking?

if not .... i'm wondering if this wasn't an inside job, an ex employee leaking a password or info etc ...

It doesn't really have to be. SOE was breached a day or so before PSN... probably the hacker just hit SOE, slept, woke up and hit PSN.
 

Hanmik

Member
Zoe said:
It doesn't really have to be. SOE was breached a day or so before PSN... probably the hacker just hit SOE, slept, woke up and hit PSN.

why are people so sure that SOE was hit a day before PSN...? is it in the press release..? because yesterday I remember people saying that it was the same attack.. something about a twitter from Sony If I remember correctly..

 

Mojojo

Member
VisanidethDM said:
I still think people are way too harsh with Sony. If a group of motivated hackers want to pull something like this, there's nothing you can do to stop them.
.

“It exploited a known vulnerability in the application server to plant software that was used to access the database server that sat behind the third firewall,” said Shinji Hasejima.

Hasejima conceded that Sony management had not been aware of the vulnerability that was exploited, and said it is in response to this that the company has established a new executive-level security position, that of chief information security officer, “to improve and enhance such aspects”

Having a known vulnerability and doing nothing about it might have helped the hackers a little, and Sony merits all the backlash it gets from this, no matter how "cool" the company might be.
 

Acheteedo

Member
Karma said:
So sad I ever gave Sony my information. Will never trust them again.

I dunno, I think in all likelihood PSN will be very secure after this disaster. They'd be crazy not to make security a priority from here on out. The only problem is that Sony has clearly made themselves a hacker target, thus Sony will be the most likely company to be hacked for some time now.
 
Wow...they really dropped the blooming ball on this one...interesting to see how this affects the future of the company...I suppose they won't get sued into oblivion

On a personal level, I doubt my card is affected...I just used PSN a couple of times and my card is nearly out of date
 
Well I doubt SCE will let SOE have anything to do with PSN again.

Edit: It's been two weeks now and nothing weird has happened with my cc yet.
 
Mojojo said:
“It exploited a known vulnerability in the application server to plant software that was used to access the database server that sat behind the third firewall,” said Shinji Hasejima.

Hasejima conceded that Sony management had not been aware of the vulnerability that was exploited, and said it is in response to this that the company has established a new executive-level security position, that of chief information security officer, “to improve and enhance such aspects”

Having a known vulnerability and doing nothing about it might have helped the hackers a little, and Sony merits all the backlash it gets from this, no matter how "cool" the company might be.

I wouldn't read too much in that bit of PR material. On one hand, I doubt Sony is openly admitting being superficial in handling security (they're Japanese, ok, but that's suicide in case of a class action); I wouldn't be surprised if the original statement was something along the lines of a "known vulnerability not fixable in the old system" that is not gonna be a problem in the future. Ie, a better PR statement than "this stuff happens, and no matter what we do if tomorrow they really want to do it again, they will. Btw, store is up soon".
 

enzo_gt

tagged by Blackace
VisanidethDM said:
I wouldn't read too much in that bit of PR material. On one hand, I doubt Sony is openly admitting being superficial in handling security (they're Japanese, ok, but that's suicide in case of a class action); I wouldn't be surprised if the original statement was something along the lines of a "known vulnerability not fixable in the old system" that is not gonna be a problem in the future. Ie, a better PR statement than "this stuff happens, and no matter what we do if tomorrow they really want to do it again, they will. Btw, store is up soon".
Regardless, people being too harsh on Sony? They deserve all this flak and then some, so for the foreseeable future it's nailed into their fucking heads not to screw up this bad EVER again. Giving Sony the benefit of the doubt in this situation is just ridiculous. Their vulnerable system, their fault.
 

webrunner

Member
plufim said:
Once I get my PS3 this year, as far as sony knows I live on 123 fake street.

Hey you liars! There's no Fake Street in the US!

There's a Fake Drive, two Fake Roads, and a Fake Lane, and only Fake Drive and Fake Lane have a 123.

123 Fake Dr, Luray, Page, VA 22835, USA
123 Fake Ln, Orangeburg, SC 29118, USA
 
Mashing said:
If they did it would probably be an expired card by now.
A card can expire, but its replacement often has the same number.

The mainstream press is already reporting this as an undetected second breach the day before the PSN hack.

There is a growing perception among non-gamers that Sony is incompetent when it comes to protecting data.
 

Zoe

Member
Hanmik said:
why are people so sure that SOE was hit a day before PSN...? is it in the press release..? because yesterday I remember people saying that it was the same attack.. something about a twitter from Sony If I remember correctly..


I think it was said somewhere that the attack occurred on the 16th-17th when the PSN attack was previously said to occur around the 19th. Personally, I regard them as the same attack, but others are seeing it as different.
 
enzo_gt said:
Regardless, people being too harsh on Sony? They deserve all this flak and then some, so for the foreseeable future it's nailed into their fucking heads not to screw up this bad EVER again. Giving Sony the benefit of the doubt in this situation is just ridiculous. Their vulnerable system, their fault.

I believe in critical thinking, and many things persuade me that if someone wanted to, they could pull off an overblown and ridiculous mass scam like this just to make sure I think Sony sucks. And I don't like being manipulated.

If somebody wanted to make money out of this, they would have acted under the radar. The people who did this did it for the headlines, they did it to humiliate Sony and give em a shower of bad rep, and to hurt them. Now, I can agree on a "no sympathy for Sony's losses, as they could have defended themselves better". But as I said, I'm persuaded that the entire goal of the people who pulled off this (criminal) act was pushing me to blame Sony, and as I said, I don't like being manipulated. Sony has fault, and it will pay it dearly, but the real criminals are others, and I have even less sympathy for them.
 

Trojan X

Banned
kpop100 said:
Do yourself a favor and go look up the meaning of tatemae, and see how it fits in here.

I know the meaning of Tatemae (Honne and Tatemae). Of course, this "could" be applied in this case but we'll never be 100%.



duk said:
All you gotta do is move then..

That's exactly what I'm going to do.



coopolon said:
I'd rather the company not screw me over than screw me over and then apologize profusely.

I agree. However, in this context, SONY didn't screw you/us over. They were the ones that got screwed by the hacker/s and we are the domino effect that are also suffering because of it. Also, we have no idea how deep of a hack that was implemented. Considering SONY is a major corporation, we "could" safely assume that the hack was big and deep enough to compromise SONY's and other companies' Network situation, which is exactly what is happening.
 
pardon my ignorance, but can they not easily know exactly how many of those credit cards are still active? I am assuming that on a 2007 database most of them would be expired, right?
Then they can just contact the banks for the last ones and cancel those who had not.

Unless I am missing something.
 

sangreal

Member
harriet the spy said:
pardon my ignorance, but can they not easily know exactly how many of those credit cards are still active? I am assuming that on a 2007 database most of them would be expired, right?
Then they can just contact the banks for the last ones and cancel those who had not.

Unless I am missing something.

When your card expires the numbers don't usually change, the expiration date is just pushed out X years
 

DryvBy

Member
cjelly said:
But when a card expires the new one has the same number as the old one. All that changes is the valid from and to.

This is not true. A lot of times, the CC number changes as well. I deal with this stuff at work all the time.
 

mollipen

Member
VisanidethDM said:
The fact it was a 2007 database probably justifies lower security measures. Those cards are almost certainly expired.

Cards being expired doesn't mean anything unless you've also closed those cards. Cards automatically get renewed, holders are sent new copies. New copies have the same number, and from what I remember, a similar expiration date. If your card on file had an expiration date of 05/09, for example, you then try 05/12, 05/13, or 05/14 to see if it works.

I mean, seriously... guessing a new date for that same number wouldn't be hard. Might take a number of tries, but if somebody wanted to, they'd do it. It certainly makes the data less attractive than a database of numbers where you don't have to do any guessing of expiration dates (being that they're all current), but still.

DryvBy2 above says that numbers get changed a lot, but I've had plenty of credit card renewals where that simply was not the case.
 
shidoshi said:
Cards being expired doesn't mean anything unless you've also closed those cards. Cards automatically get renewed, holders are sent new copies. New copies have the same number, and from what I remember, a similar expiration date. If your card on file had an expiration date of 05/09, for example, you then try 05/12, 05/13, or 05/14 to see if it works.

I mean, seriously... guessing a new date for that same number wouldn't be hard. Might take a number of tries, but if somebody wanted to, they'd do it. It certainly makes the data less attractive than a database of numbers where you don't have to do any guessing of expiration dates (being that they're all current), but still.

DryvBy2 above says that numbers get changed a lot, but I've had plenty of credit card renewals where that simply was not the case.

That's absolutely not true. I just renewed a card, and there's a 2 months gap between the release date of the new card and the expiration of the old one, and a 3 months difference between the expiration of the old and the expiration of the new, before even addressing security codes (that were not leaked).
Besides, banking systems get alerted of wrong data inputs even before people run out of attempts. When your bank calls you telling you they blocked your card, it's often because someone used a number of attempts to input the right data and shopped somewhere you usually don't.

People shouldn't underestimate the security levels on digital transactions. The banking/insurance system has all the interest in making it as safe as possible.
 

RoH

Member
VisanidethDM said:
That's absolutely not true. I just renewed a card, and there's a 2 months gap between the release date of the new card and the expiration of the old one, and a 3 months difference between the expiration of the old and the expiration of the new, before even addressing security codes (that were not leaked).
Besides, banking systems get alerted of wrong data inputs even before people run out of attempts. When your bank calls you telling you they blocked your card, it's often because someone used a number of attempts to input the right data and shopped somewhere you usually don't.

People shouldn't underestimate the security levels on digital transactions. The banking/insurance system has all the interest in making it as safe as possible.

The same logic went for Sony right?
 

mollipen

Member
VisanidethDM said:
That's absolutely not true. I just renewed a card, and there's a 2 months gap between the release date of the new card and the expiration of the old one, and a 3 months difference between the expiration of the old and the expiration of the new, before even addressing security codes (that were not leaked).
Besides, banking systems get alerted of wrong data inputs even before people run out of attempts. When your bank calls you telling you they blocked your card, it's often because someone used a number of attempts to input the right data and shopped somewhere you usually don't.

People shouldn't underestimate the security levels on digital transactions. The banking/insurance system has all the interest in making it as safe as possible.

Well, as I said, I wasn't sure about the date thing, and as I can't find any of my now out-of-date cards at the moment, I can't check dates on them. So I'll admit to being completely wrong out of laziness.
 