psychotron
Member
Seeing this kind of thing too often. Credit card info has been removed from the Playstation store. Sorry you're going through this OP.
-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
Psn Account hijacked! (Update: 6 months later, a winner is you!)
- Thread starter hodgy100
- Start date
That is strange. If they can get in to the site after changing passwords, they have a manner to keep it up, via your mail maybe but I don't know how PSN handles forgotten passwords. Also keyloggers can capture copy/pastes. But all in all, it is kind of a strange hacker if he doesn't give up after one try.
diablos991
Can’t stump the diablos
It blows my mind how people still have payment info loaded after both major Sony hacks. Just use prepaid cards people...
Agreed. People shouldn't be buying ANYTHING online without prepaid cards. Even real cards can get hijacked now a days thanks to mini-card readers in retail or gas stations.
Cash or
Pref. Paper
Ville Pukema
Member
Good luck OP!
And companies wonder why people wont jump in joy when they mention allways and everything online for ever... .
And companies wonder why people wont jump in joy when they mention allways and everything online for ever... .
Yep. Do NOT leave you payment info on PSN. I don't trust them as far as I can throw them and not just because of hacking either.
Khaos_Knight
Banned
Definitely. It's 2015, Sony needs to get the cock out of their mouth and get this shit done already.
skLaFarebear
Member
Same here. Never leave my card information on any of my consoles, especially Sony after what happened with them before.
SoulUnison
Banned
I love how they simultaneous use "you're responsible for all transactions on your account, maybe try a chargeback" and "chargebacks will result in a permanent ban of your PSN account and possibly your console."
It's such a transparent "screw you."
Sony doesn't mind where the money comes from as long as the publicity doesn't get too bad - they're borderline *accepting* of this sort of fraud.
It's such a transparent "screw you."
Sony doesn't mind where the money comes from as long as the publicity doesn't get too bad - they're borderline *accepting* of this sort of fraud.
Couple months later but yeah, I see the difference. That's not small claims, that's 'fuck you gimme my money back' levels of bullshit there.
Admiral Woofington
Member
Does PS4 have a paypal option? If so I'll change it the second I get home.
Hero_of_the_Day
Member
It's fucking disgusting that this shit happens. I don't understand how Sony can tell people they aren't giving them stolen money back and if you call your bank to get that stolen money back you will be punished. This is when it sucks that the people who write about video games aren't actual journalists, 'cause this is the kind of thing every major site should be writing about and pushing Sony for statements over.
Maybe Patrick (one of the few real journalists) will write an article about it at Kotaku...
I've not read much of the topic, but "Don't save your credit card details on Playstation" isn't a good response to this topic.
It's horrendous that the purchases won't be refunded. When my Microsoft account got compromised in 2011 with all the Fifa Ultimate Team stuff, they instantly locked down my account to investigate, then fully refunded everything once they could see it wasn't legit.
If these have been purchased, surely they have been downloaded to a console? Or they could look at the IP used to purchase them from the web store?
It's horrendous that the purchases won't be refunded. When my Microsoft account got compromised in 2011 with all the Fifa Ultimate Team stuff, they instantly locked down my account to investigate, then fully refunded everything once they could see it wasn't legit.
If these have been purchased, surely they have been downloaded to a console? Or they could look at the IP used to purchase them from the web store?
I agree. But unfortunately in the meantime it's either give up using Sony entirely (a valid option and would definitely go a long way into convincing Sony they should stop being asshats) or at least take your CC off so at least it won't happen to you.
Most people aren't willing to give up all their Sony stuff over this, me included even though I think it's a very valid reason to want to tell Sony to F* off. Because it is completely unreasonable that their options when this happens is to either pay for the thief's purchases or have everything you validly bought through them taken away <- btw this is one reason I prefer my games to be in physical form so a company has less leverage like this. And Sony could easily just remove the permissions for the stolen games bought and remove the stolen console. But, it's almost like they don't mind cause they would rather keep the money and screw their valid customer. At which point you gotta wonder how much motivation they have to stop thieves when thieves can make Sony money this way...
You can remove the card. At least as far as Amazon US is concerned.
Sounds like you're getting the run around by support staff OP, Sony has a process of refunding fraud. I would recommend you re-iterate again, charge backs shouldn't be your only option here.
It's due to the way the whole payment process cycle works. I'm assuming Sony is not unlike others in which they have semi-or fully automated charge back disputing procedures. Meaning, whenever charge backs come in from the banks, the associated customer accounts and/or entitlements stemming from the invoices being charged back are revoked by their system. Thus the generic customer messaging "If you charge back we will ban you."
I can't speak for Sony on what happens next, but most merchants have dispute processes in place to return customer assets in cases where the fraud committed was not of the customer's fault. I would even go so far as to say that many merchants have processes in place that automatically ignore charge backs that come in from banks in fraud cases and treat them as fair dues with no impact on the customer account's active status, but Sony might not be one of them.
It's due to the way the whole payment process cycle works. I'm assuming Sony is not unlike others in which they have semi-or fully automated charge back disputing procedures. Meaning, whenever charge backs come in from the banks, the associated customer accounts and/or entitlements stemming from the invoices being charged back are revoked by their system. Thus the generic customer messaging "If you charge back we will ban you."
I can't speak for Sony on what happens next, but most merchants have dispute processes in place to return customer assets in cases where the fraud committed was not of the customer's fault. I would even go so far as to say that many merchants have processes in place that automatically ignore charge backs that come in from banks in fraud cases and treat them as fair dues with no impact on the customer account's active status, but Sony might not be one of them.
It blows my mind Sony has the nerve to say it's the customers problem when their account get hacked. Especially after both SCE and SWP got hacked and had account data stolen because it was saved without encryption.
My friend has an account with over $1000 of digital purchases, mainly PS3. Someone hijacked it, put a stolen card on it and bought some Fifa crap (why is it always Fifa?). The cardholder / CC put a charge back on it since the card was stolen and his account is now banned unless he pays Sony the difference.
Pretty messed up. Especially since there's no way to know if it's his Fault, Sonys, or some other 3rd party that stole his data and cracked his account. He's had no recourse with Sony, and CS has been no help. Which is wierd for someone as long a customer as him, and with those types of digital purchases. He's not someone you want to lose spending money like that.
Imagine this happened in the physical world? You buy hundreds of dollars in games from Gamestop. One day you notice a $1000 charge on your card from Gamestop, so you go into the store to find out why. Turns out it was fraud, and someone stole your card and bought a bunch of shit at their store. The Gamestop rep shrugs his shoulders and says that you should contact your bank, but if you do, it is highly probable that you will be banned from Gamestop, every game you bought from them will be repossessed, and while they are there, they will delete all your achievements/trophys so you have to start again. People would riot harder than the MS/DRM fiasco.
I really feel for you OP. This isn't limited to Sony. This is something terrible that could happen on either network.
I really feel for you OP. This isn't limited to Sony. This is something terrible that could happen on either network.
Why? Should they give back money just because you state your account was hacked? People could fraud Sony incredibly easy if that were the case. Nope. Also, of course your bank can't do a charge back. If you bought a book in a store, would your really expect your bank to be allowed to do a charge back, since the store is actually out an item. It's somewhat the same thing. A proper credit card, where you use actual credit, you won't be forced to pay for something you didn't use it for, but it's the credit card company that pays it. If you have a credit card that does charge back, you have a sucky credit card.
The Artisan
Member
I remember playing psasbr one day and right in the middle of playing I got a notification telling me I've been signed out because someone logged in with my PsN from a different system. So I signed back in and whoever the mothafucker was who kept hacking into my PsN started putting up a fight. Then at some point I guess I just changed my password to make it stop.
Deadpool_X
Banned
This really sucks, OP. I can't believe how many of these kinds of stories I've been hearing lately. People, please, stop putting your credit card info on Sony Online services.
test_account
XP-39C²
Yeah, it does.
Is there any confirmed sources that consumer data were unencrypted and downloaded from those two hacks?
-----------
Regardless, situations like this really sucks. Its might be hard to prove one way or the other how someone else got a hand on someone's PSN/SEN account. Would be better if more goodwill from Sony was shown.
Definitely needs to happen. Should've happened already.
test_account
XP-39C²
That would be a different situation though. If you found out why you were scammed (as in looking at surveilance videos of the store), i think that the result of that case would be completely different. Then you have solid proof that someone has scammed you. The problem with an account hack is that its harder to prove if it was a hack or not. That is why those cases are diffcult, unfortuantely.
BlackGoku03
Member
Didn't know I can use paypal. I'll do that as soon as I get home.
sony can see that my ps4 was deactivated and annother ps4 activated as the primary account. they can black list the console that it was switched to and it proves that i didn't make those purchases.
Hero_of_the_Day
Member
Obviously they should monitor a user, so if they claim they didn't buy it but are then playing it on their PS4... Or if they've filed multiple claims. But, you can't tell a customer they are just out almost $1,000. That's insanity. These are digital goods, they can't be impossible to track. Who activated that code? Deactivate it and refund the money.
This is the second time I've seen a crazy story about PSN on here in the last few months. I can't find the thread now, but there was someone who had their account hacked and the person bought a bunch of shit. The Sony support email confirmed Sony could tell they were hacked and they banned the hackers console, but they still wouldn't issue a refund. How the shit is this kind of thing acceptable?
EDIT: Found the news article about it. Sony's response:
Source.
They literally told him that even though they do believe it was fraud and that action has been taken against the console that did it, they still wouldn't refund his money. I just can't even wrap my head around that.
Zoe
Member
Non-sensitive information such as emails and information that could be found in a phone book were unencrypted. Passwords and payment data were encrypted, though I believe at the time of the attack, complete credit card information was only stored console-side--the webstore didn't exist yet. The only credit card information that would have been vulnerable at the time were transactions that could be captured as the breach was occurring.
I hope things will work out OP. Why is Sony dicking around this long? If they verified OP identity and Identified a second PS4 that was used for the transactions, it's very simple:
deactivate all games that were fraudulently bought, refund the purchase to the CC and ban the S/N of the console that was used to purchase the games.
deactivate all games that were fraudulently bought, refund the purchase to the CC and ban the S/N of the console that was used to purchase the games.
Hero_of_the_Day
Member
Read what I posted just a couple posts above yours from last month. Even if they do believe it was fraud, they seemingly still refuse claiming it's against policy to offer refunds on digital goods.
OP should file a complaint with the BBB. Years ago I did when Valve refused to offer me a refund on a completely unplayable game I bought. After I filed the complaint with the BBB, they gave me a "one time" refund.
test_account
XP-39C²
I bought a PS4 game on PS Store yesterday or two days ago, then i got the option to pay with credit card or Paypal. I havnt seen that before. I dont know if it works in every country though, but it works for me at least.
I wonder if they are allowed to do that, or if they are afraid that its not enough proof if a owner of a blacklisted should complain about it. What did the customer service say when you mentioned this solution by the way?
I see. Thanks for the info.
I don't have time to search ATM, but I remember reading that CC data in the PSN hack where Sony pulled PSN for the better part of a month was NOT encrypted. My bank also immediately change my account numbers and issued new cards.
Haven't used a CC tied to an account since on any service since.
Not sure if it was just rumor, but I remember people talking about it and how stupid/surprising it was. Maybe it was current transactions as you said, or a list of recent payments.
SoulUnison
Banned
Because they made money off it it, legitimate or not, and the victim's only other avenue to pursue, a bank chargeback, will get them banned and effective destroy all their legitimate content, so he has to just give up and write it off as a loss.
Sony's stance against fraud is basically a PR smokescreen. They're laughing all the way to the bank with whatever money they can get.
They told me that any consoles that those games were bought from will have been blacklisted.
Hero_of_the_Day
Member
It's pretty fucked up.
Zoe
Member
http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/
IIRC, storing unencrypted CC information would be a breach of most payment service guidelines.
test_account
XP-39C²
I think that was just a rumour, if we're thinking about the same thing. Someone posted on a forum saying that they had a lot of CC info from PSN, but it was believed to be fake because they claimed that they had the CCV codes of the card as well, which was confirmed to not be stored on the PSN servers.
This makes me not want to make any digital purchases from Sony. Disgusting. A company with this poor level of customer service doesn't deserve their fan base.
UpUpDownDown
Member
Just yanked my CC info.
I noticed a 5 digit pin number you can set for purchases on the store. This is new I guess??
I noticed a 5 digit pin number you can set for purchases on the store. This is new I guess??
But it can't, MS has two factor auth and is pretty good about fixing these situations (People in this very thread have posted their experiences with it). It's nothing inherant with the networks, it's specifically Sony's draconian and anti-consumer stance in this case (Might even be different in the US, who knows).