Support NeoGAF

[FuturusX]

Because their twitter got hacked?

Because console wars..

 

[AyaisMUsikWhore]

You don't need to take out a service to dump the database.

Why even post this if you have no understanding of the possible situation?

Why are we even freaking out about a twitter post? Are people that gullible? Come on now...unless we see some receipts then I don't believe it.

 

[De_Legend]

So it's nothing serious huh... Lame.
Wanted something big to happen to them to shake them up and wake up and make shit better

Are you just a troll here? Legit question.

 

[vulva]

So it's nothing serious huh... Lame.
Wanted something big to happen to them to shake them up and wake up and make shit better

Don't be dumb

 

[VeeP]

Added two factor authentication and changed my password + added more security info. FFS Sony, please let this be a prank and your not hacked AGAIN.

 

[Pankratous]

Added two factor authentication and changed my password + added more security info. FFS Sony, please let this be a prank and your not hacked AGAIN.

You didn't already have 2FA?

 

[Hoje0308]

So it's nothing serious huh... Lame.
Wanted something big to happen to them to shake them up and wake up and make shit better

Cool, so people can maybe have their personal info compromised and you'll get what you want. Fuck off

If they released a statement more people will know about this and they'll freak out. I just checked the big sites(ign, gamespot...) and none reported this. Release a statement and it'll be on every site imaginable.

Their obligation is to their customers, bad press or not. Get your head out.

 

[Doctor Shatner]

Why are we even freaking out about a twitter post? Are people that gullible? Come on now...unless we see some receipts then I don't believe it.

I don't know if we'd want the "receipts" (our info) out there if it was hacked...

Hoping for the best right now, would be a bummer if this rodeo happened again.

 

[EmiPrime]

I mean, it’s a changed password and possibly removing CC entry. Does it really cause any harm to change it just to be sure?

No it's a waste of time. If they have access to the database then changing your password is like closing the stable door after the horse has bolted. CC details on PSN are encrypted.

So it's nothing serious huh... Lame.
Wanted something big to happen to them to shake them up and wake up and make shit better

What a stupid thing to post.

 

[spons]

Added two factor authentication and changed my password + added more security info. FFS Sony, please let this be a prank and your not hacked AGAIN.

This side-effect seems like the only good thing to come out of this tomfoolery.

 

[Apathy]

I'm guessing people going "lul again" didn't bother to read the whole thread. Until they show something, it's just a social media hack. Just so people know, usually the social media password aren't the ones that there sys admin use on important things.

 

[LinkSlayer64]

You didn't already have 2FA?

I still don't because it messes something up with transferring stuff from PS3 to Vita. I can't remember exactly what, but I knew that I didn't want that thing to be messed up for when I eventually did it.

 

[Fisty]

So somebody hacked their social media... forgive me if I'm not battening down the hatches. I bet Sony pays them just so the FBI can track the funds and arrest the whole crew

 

[Kolx]

It's a Sunday. There will definitely be articles about it tomorrow morning regardless.

It's ridiculous to say they shouldn't have to say anything because they got the tweets deleted lol. You already have people on GAF changing their passwords for stuff just in case.

Gaming sites report stuff like this immediately (at least the big ones). And not releasing a statement is another way of saying there was no breach in the db. If there was they'd be writing it as we speak or at least investigating it.

 

[AyaisMUsikWhore]

I don't know if we'd want the "receipts" (our info) out there if it was hacked...

Hoping for the best right now, would be a bummer if this rodeo happened again.

You're right but this group has done this to multiple twitter accounts from various of companies...I see no threat here outside of a twitter post..and a Facebook post. Social media account is completely different from hacking an entire network.

 

[GravityInsanity]

So it's nothing serious huh... Lame.
Wanted something big to happen to them to shake them up and wake up and make shit better

 

[Ambient80]

No it's a waste of time. If they have access to the database then changing your password is like closing the stable door after the horse has bolted. CC details on PSN are encrypted.



What a stupid thing to post.

It takes like 20 seconds lol.

 

[WadeitOut]

Gaming sites report stuff like this immediately (at least the big ones). And not releasing a statement is another way of saying there was no breach in the db. If there was they'd writing it as we speak or at least investigating it.

Strongly agree to disagree lol

Also GI tweeted out their article about it almost 30 minutes ago

http://www.gameinformer.com/b/news/...al&utm_source=twitter.com&utm_campaign=buffer

 

[Gemüsepizza]

Here we go again.

Seriously Sony, its like you never learn.

Learn what? We don't even know any details about this "hack" yet, smh.

The only thing we know is that someone got access to Sony's twitter accounts, but that doesn't mean much. Imo it's much more likely that those "hackers" are full of shit.

 

[Kvik]

You can easily bypass it.

Ourmine did the same thing to the twitter ceo.

The real problem with Sony's implementation of 2FA is that they rely on SMS as their secondary authentication, which is inherently prone to social engineering if an individual has access to an owner's real world data, called up their mobile provider providing the real world identity as credentials, and redirect their SMS to another number.

The absence of one-time token generator as the secondary authentication was remarkably short-sighted, considering there are open source one-time token generator out there, including Google's own Authenticator

 

[EmiPrime]

Like seriously, are some of you new to the Internet? Corporate social media accounts get compromised everyday. @XboxSupport getting compromised was no reflection of the security of Microsoft accounts either. Until there's evidence otherwise, chill the hell out.

 

[TRUE ORDER]

So, it was only their twitter account after all?

 

[CaptainTiptop]

Here we go again.

Seriously Sony, its like you never learn.

It's just their Twitter dude lol

Some of you are too gullible

 

[WadeitOut]

It's just their Twitter dude lol

Some of you are too gullible

And their facebook. But it's silly to call people "gullible" when they worry about a company storing their sensitive information has their public facing social media accounts hijacked.

 

[zsynqx]

So it's nothing serious huh... Lame.
Wanted something big to happen to them to shake them up and wake up and make shit better

This is such a weird attitude to have

 

[EmiPrime]

It takes like 20 seconds lol.

That doesn't make it a good idea. Let's not spread FUD when so far this has all the hallmarks of a bog standard social media hack.

The real problem with Sony's implementation of 2FA is that they rely on SMS as their secondary authentication, which is inherently prone to social engineering if an individual has access to an owner's real world data, called up their mobile provider providing the real world identity as credentials, and redirect their SMS to another number.

The absence of one-time token generator as the secondary authentication was remarkably short-sighted, considering there are open source one-time token generator out there, including Google's own Authenticator

You're probably not important enough to have your SMS 2FA compromised and even if you are, you should have security questions with nonsense answers set up to prevent social engineering on the carrier side.

 

[PeaceUK]

Yeah this thread is a good indicator of people who just barely read the op and none of the other posts/information.

Its just a twitter account people.

 

[spons]

And their facebook. But it's silly to call people "gullible" when they worry about a company storing their sensitive information has their public facing social media accounts hijacked.

They probably use some social media software to push out messages and articles to all kinds of services. Find an exploit in that software and you hit all their public accounts. When everything's integrated neatly into a single package, you only have to strike once.

 

[WadeitOut]

They probably use some social media software to push out messages and articles to all kinds of services. Find an exploit in that software and you hit all their public accounts. When everything's integrated neatly into a single package, you only have to strike once.

Yes. But that wasn't my point. We don't need to be condescending towards people who are concerned. We don't ACTUALLY know what all was compromised we are just assuming it was their social media accounts.

 

[Quadraphonic]

I still don't because it messes something up with transferring stuff from PS3 to Vita. I can't remember exactly what, but I knew that I didn't want that thing to be messed up for when I eventually did it.

Yeah. That bug is a pain in the ass and infuriating it's still not fixed.

 

[DriftingSpirit]

.

 

[Vena]

Why are we even freaking out about a twitter post? Are people that gullible? Come on now...unless we see some receipts then I don't believe it.

Regardless of the veracity of the claim, the post I replied to does nothing but present a false sense of "everything is alright". The claim of a compromised database is not directly correlated to the services being online or not.

 

[BasilZero]

Like seriously, are some of you new to the Internet? Corporate social media accounts get compromised everyday. @XboxSupport getting compromised was no reflection of the security of Microsoft accounts either. Until there's evidence otherwise, chill the hell out.

Still expect to get a free copy of Knack

Spoiler

lol jk

 

[Shin-Ra]

Maybe if something 'big' happens to GearFourth's GAF account again he'll stop posting bullshit.

 

[Salty Rice]

Yeah its just the twitter account.

Could be worse. My twitter account got hacked once and they posted shit about how women can weight really fast in the newest issue of Women´s Health haha

 

[TheQuickBrownFox]

Lets be honest, any security breach be it from social media, to corporate infrastructure is a serious issue for any Multinational.

Sony needs to release a statement if anything only to reassure people corporate databases have not been accessed, and this is a social media only hack.

 

[Predwolf]

I highly doubt they got access to anything other than Twitter, of which they have managed to get many, many corporations and people.

Ourmine hack list:

Google
HBO
Wikipedia
Pokemon GO
Mark Zuckerberg
the co-founder of Twitter
and now Playstation

 

[MMarston]

Yeah, seems like it's just the Twitter account for now, but this reminded me that I'm due for a password and security question change anyway.

 

[Kvik]

You're probably not important enough to have your SMS 2FA compromised and even if you are, you should have security questions with nonsense answers set up to prevent social engineering on the carrier side.

I don't have high-profile account, sure. My point is to highlight an inherent problem with 2FA which uses SMS, which, from my understanding is being used by Twitter, as well.

It is much harder to crack 2FA which uses one-time token, which can only be potentially cracked by MITM attack.

 

[VeeP]

You didn't already have 2FA?

Nope, I've been meaning to but I keep forgetting .

This side-effect seems like the only good thing to come out of this tomfoolery.

It's true. I should've had 2FA on from the start, especially since Sony's been hacked before.

 

[fireworkfan]

oh crap, just changed by xbox stuff earlier on this month gonna be time to redo sony again too i suppose even if its just social media always a good reminder to change it all often anyway.

 

[Guymelef]

I hope they don't share any data, I don't want people to know that I bought DOA Extreme 3.

 

[TechOne]

Waiting to see if they tweet about pre-ordering Xbox One X. lol

 

[Sophia]

I don't have high-profile account, sure. My point is to highlight an inherent problem with 2FA which uses SMS, which, from my understanding is being used by Twitter, as well.

It is much harder to crack 2FA which uses one-time token, which can only be potentially cracked by MITM attack.

One-time token app would potentially allow more coverage too, depending on the implementation.

 

[GunBR]

Some group hacked PS Twitter and wrote "Databases leaked"

I get it that looks like they only hacked the social medias but, unlike some people here on the thread, I can see why a lot of people are freaking out

 

[Zok310]

Title needs to be changed, social media hack not psn

 

[Equanimity]

I hope they don't share any data, I don't want people to know that I bought DOA Extreme 3.

You're too late, you have already told us.

 

[EmiPrime]

I don't have high-profile account, sure. My point is to highlight an inherent problem with 2FA which uses SMS, which, from my understanding is being used by Twitter, as well.

It is much harder to crack 2FA which uses one-time token, which can only be potentially cracked by MITM attack.

I agree (the Microsoft authenticator app is especially good) but for 99% of use cases SMS is fine. Unless you're some combination of rich, famous and despised you're not worth the effort. For us normal boring people any account theft we might be a victim of will be down to opportunism if we're low hanging fruit. A PSN account with a strong password and SMS 2FA is not worth cracking when there are millions of PSN accounts with no 2FA and 8 character reused passwords.

 

[Megatron]

Just let me know when I can get my free copy of Knack.

Just keep subscribing to psplus. Any month now....

 

[snap]

that's a great gif