Psn Account hijacked! (Update: 6 months later, a winner is you!)

Another update:

I sent a lengthy formal complaint letter to sony a couple of weeks ago explaining my issue. They finally got back to me (via phone aswell :/ ) they explained how I must have misunderstood their previous contact with me (condescending right) and re iterated their EULA saying how its my responsibility to keep my account secure and as there hasn't been a breach of PSN the access of my account was my responsibility. They also stated that after goods have been transferred I am not entitled to a refund after said transaction has taken place. They also insisted that they 100% comply with trading standards regulations. I had them email me to confirm they had received my complaint.

I want to take this further if im honest i'll probably evaluate my options and see what I can do through the legal system :/
 
How are we supposed to properly secure our accounts without two factor authentication anyway? The fact that Sony still won't provide this option all these years after the 2011 hack is completely sickening.
 
My account got hijacked about 6 months ago. It's taken me for ever to get it back, especially because I don't have a PS3 or PS4 and it seems like Sony wants you to go through a Playstation in order to actually retrieve your account. Fortunately, I had no credit card on file as I haven't bought anything on there since the PSN hack 4 or whatever years ago.

Sony's customer service is generally shit, in my experience with this.
 
Yeah after getting my consoles stolen (my accounts are auto sign in) I removed all sensitive shit from my accounts. No credit card info is ever being tied to PSN or Xbox Live for me. Rather just pay cash for store credit codes or use paypal like others have said.
 
"re iterated their EULA saying how its my responsibility to keep my account secure and as there hasn't been a breach of PSN the access of my account was my responsibility. "
But they're right? There was no breach. You were compromised in some other manner. Whether that means your pc has a key logger, or you use the same password everywhere, or you have a kid in the house who bought stuff without you knowing about it is immaterial... the hijack is on your side, not theirs.

Could they still refund you? Sure. But if they do, it would open up the floodgates of people claiming their account was compromised and they didn't actually buy XYZ due to buyer's remorse.

Even here, people are acting like PSN got hacked or something for your account to be hijacked. That isn't what happened.
 
But they're right? There was no breach. You were compromised in some other manner. Whether that means your pc has a key logger, or you use the same password everywhere, or you have a kid in the house who bought stuff without you knowing about it is immaterial... the hijack is on your side, not theirs.

Could they still refund you? Sure. But if they do, it would open up the floodgates of people claiming their account was compromised and they didn't actually buy XYZ due to buyer's remorse.

Even here, people are acting like PSN got hacked or something for your account to be hijacked. That isn't what happened.
This is clearly not as black and white as you're making it out to be and Sony's response is really poor. A few points:

1. £500 of transactions in quick succession is highly unusual.
2. If OP had downloaded and played the games purchased Sony's system would know which console they were activated on. Presumably whoever stole the account activated their own console shortly before or after so again this should highlight something unusual is going on.
3. All Sony is doing is losing a customer and £500 when they claim it back from their bank.

I experienced this several years ago and Sony were very helpful; they refunded the money and removed the games the thief had bought on my account. I guess I should take this to mean PSN was compromised in my case. Interesting Sony didn't mention that at the time.

If this is Sony's stance now they should be removing the ability to store credit card details on the web store until such a time that they chose to implement two-step verification.
 
this thread reminded me to delete my CC info (I forget way too many times - worst company to keep billing information with)

I can't do it. Fucking won't let me. The website won't let me thanks to some bad gateway thing. Can't do it on my Vita and PS3. What shitty timing.
 
I dont understand what benefit this gives the person who hacked and made purchases. Just to be an asshole?
Well the person also stole the account (changed login details). OP managed to get customer support to take their account back, but Sony still refuses to reverse those fraudulent purchases, which is what OP is having problems with.
 
So if your account gets hacked Sony decides to ban your account? I assume that also bars you from having access from any games you purchased from the PSN store as well. If this happened to me and such circumstances occurred I would contact a lawyer and perhaps file a lawsuit.
 
So if your account gets hacked Sony decides to ban your account? I assume that also bars you from having access from any games you purchased from the PSN store as well. If this happened to me and such circumstances occurred I would contact a lawyer and perhaps file a lawsuit.
The ban occurs when you do a chargeback.
 
This is clearly not as black and white as you're making it out to be and Sony's response is really poor. A few points:

1. £500 of transactions in quick succession is highly unusual.
2. If OP had downloaded and played the games purchased Sony's system would know which console they were activated on. Presumably whoever stole the account activated their own console shortly before or after so again this should highlight something unusual is going on.
3. All Sony is doing is losing a customer and £500 when they claim it back from their bank.

I experienced this several years ago and Sony were very helpful; they refunded the money and removed the games the thief had bought on my account. I guess I should take this to mean PSN was compromised in my case. Interesting Sony didn't mention that at the time.

If this is Sony's stance now they should be removing the ability to store credit card details on the web store until such a time that they chose to implement two-step verification.
First, my comment was in reply only to the statement I quoted, which was that there was no breach. However, The OP has an email from Sony which clearly states:

" As these transactions were made via our online webstore, we're unable to take action against any consoles for processing this purchase. We will however investigate any devices involved where possible and take action where appropriate, however we will be unable to share details of this. "

So... a couple things are possible. The other PS system has been identified and banned. Or, possibly, they did research and determined the purchase was 'legitimate' -- for example, for all we know the OP could have given his account details out to a brother in law, and then a nephew bought stuff [I'm making this up, obviously, but the point is, we are woefully ignorant of exactly what actually happened, dependent only on a one-sided account from the OP].

The OP is rightly angry. I'd be upset with Sony too. But I'd also be upset with myself for getting hijacked, and not blame Sony for it.

That is complete BS. To punish someone for trying to get their money back for a unauthorized charge should be illegal.
Chargebacks are abused to high heaven and cause businesses to lose a small fortune annually (if not weekly, depending on the size of the company). The company is responsible for the cost of the good, they get fined, too many chargebacks can cause other penalties, and the return of the good itself (when not digital) is not guaranteed.

In a perfect world, people would only use chargebacks as a last resort, when the company isn't even responding to contacts. However, they're used as reverse fraud all the time (buy something, charge it back) and as 'instant refunds', etc. Banning people that charge back isn't uncommon, and is completely understandable given there are other methods of remediation available.

Imagine if you sold someone something for $15, then found out a day later you were out that $15, fined another $5 or $10, and had a mark against your account, and never got back the thing you sold. You'd likely never sell to that customer again, either. Now multiply that by thousands of people doing exactly that to get free stuff... and you can understand why businesses dislike chargebacks. There are certainly legitimate uses for chargebacks, but even then it's likely the business relationship is over.
 
My PSN account was also hacked and in the end I got the exact same formletter.
Thankfully I managed to go in and change my password and remove my credit card before the hijacker changed it and lock me out.

The hijacker had attached his PS4 to my account removing my PS3 and bought the digital collectors edition of Assassins Creed Unity.
My account is Swedish and I was in the US at the time so I sent an email to them rather than calling, I could not find a number to call anyway.
After several days I got a reply stating I needed to call in because they could not handle this via email.
After more than an hour in the telephone queue on an international call very early in the morning I finally got a person to explain my situation to.

Since I did not have a PS4 at the time the guy on the phone said this was obvious fraud and they would refund me and remove the PS4 which made me happy.
After a couple of more days I got an email that I needed to send them my PS3 serial number. Not very easy to get since my PS3 was in Sweden and I was still in California.
I did send them my serial number though and got a new reply with the formletter that they would not refund me the money.
I obviously complained but got a new mail back informing that this was a final decision and there was nothing I could do to get the money back!

I still have no PS4 but I do have very expensive version of Assassins Creed.

Sony PSN support and theft protection is absolutely horrible and I would strongly advice everyone to not have a credit card in their account.
Maybe it was my fault for not having a strong enough password or whatever but I wonder how many of these cases happen every year.
Sony obviously gets a percentage on everything sold so they even earn money on these thefts, perhaps they care more about that then their reputation.
You would think that with the recent couple of years Sony hacks they would be more sensitive about more bad will about their online services but apparently not.
 
First, my comment was in reply only to the statement I quoted, which was that there was no breach. However, The OP has an email from Sony which clearly states:

" As these transactions were made via our online webstore, we're unable to take action against any consoles for processing this purchase. We will however investigate any devices involved where possible and take action where appropriate, however we will be unable to share details of this. "

So... a couple things are possible. The other PS system has been identified and banned. Or, possibly, they did research and determined the purchase was 'legitimate' -- for example, for all we know the OP could have given his account details out to a brother in law, and then a nephew bought stuff [I'm making this up, obviously, but the point is, we are woefully ignorant of exactly what actually happened, dependent only on a one-sided account from the OP].

The OP is rightly angry. I'd be upset with Sony too. But I'd also be upset with myself for getting hijacked, and not blame Sony for it.



Chargebacks are abused to high heaven and cause businesses to lose a small fortune annually (if not weekly, depending on the size of the company). The company is responsible for the cost of the good, they get fined, too many chargebacks can cause other penalties, and the return of the good itself (when not digital) is not guaranteed.

In a perfect world, people would only use chargebacks as a last resort, when the company isn't even responding to contacts. However, they're used as reverse fraud all the time (buy something, charge it back) and as 'instant refunds', etc. Banning people that charge back isn't uncommon, and is completely understandable given there are other methods of remediation available.

Imagine if you sold someone something for $15, then found out a day later you were out that $15, fined another $5 or $10, and had a mark against your account, and never got back the thing you sold. You'd likely never sell to that customer again, either. Now multiply that by thousands of people doing exactly that to get free stuff... and you can understand why businesses dislike chargebacks. There are certainly legitimate uses for chargebacks, but even then it's likely the business relationship is over.



Fact is Sony is constantly havin issues with people hacking their infrastructure and they do not seem to really do anything about it and the way they treat the victims of these attacks is horrible. Just because a few dishonest individuals engage in dishonest practices about buying something then lying about theft to get a refund should in no way cause honest people to be punished for simply wanting their money back for items that were purchased without their consent because Sony is consistently getting hacked. I pick on Sony about this because it isn't one isolated event with them it keeps happening over and over and they do not seem to give a shit or do anything about it.

Only advice I can give is do not ever leave your credit card info on any website that includes amazon, netflix, bestbuy or anyone else. I mean even the health insurance giant Athem just got hacked. It's getting to the point where I am about to just start carrying cash and writing checks again.
 
I have just filed a small claims court claim citing the Unfair Contract Terms Act and Consumer Contract rights. Hopefully things start going my way. *crosses fingers*
 
Fact is Sony is constantly havin issues with people hacking their infrastructure and they do not seem to really do anything about it and the way they treat the victims of these attacks is horrible. Just because a few dishonest individuals engage in dishonest practices about buying something then lying about theft to get a refund should in no way cause honest people to be punished for simply wanting their money back for items that were purchased without their consent because Sony is consistently getting hacked. I pick on Sony about this because it isn't one isolated event with them it keeps happening over and over and they do not seem to give a shit or do anything about it.

Only advice I can give is do not ever leave your credit card info on any website that includes amazon, netflix, bestbuy or anyone else. I mean even the health insurance giant Athem just got hacked. It's getting to the point where I am about to just start carrying cash and writing checks again.
After a Paypal issue which was fortunately quickly resolved by the bussiness returning all of the money to me I had my bank change the limit for internet transactions to 0. Now everytime I want to buy something online I just temporarily increase this limit in my internet banking interface. That way I can get any account with CC info on it hacked and still not lose any money because of it.

This is still a shitty approach by Sony and I hope OP wins and gets his money back and hopefully the people at Sony won't be butthurt enough to penalize him for that in any way.
 

JaseC

gave away the keys to the kingdom.
The OP is rightly angry. I'd be upset with Sony too. But I'd also be upset with myself for getting hijacked, and not blame Sony for it.
People aren't blaming Sony for this happening outside of there being no excuse for the lack of mandatory two-factor authentication. What they are unforgiving about is how the situation is being handled due to a narrow and heavy-handed policy.

Chargebacks are abused to high heaven and cause businesses to lose a small fortune annually (if not weekly, depending on the size of the company). The company is responsible for the cost of the good, they get fined, too many chargebacks can cause other penalties, and the return of the good itself (when not digital) is not guaranteed.

In a perfect world, people would only use chargebacks as a last resort, when the company isn't even responding to contacts. However, they're used as reverse fraud all the time (buy something, charge it back) and as 'instant refunds', etc. Banning people that charge back isn't uncommon, and is completely understandable given there are other methods of remediation available.

Imagine if you sold someone something for $15, then found out a day later you were out that $15, fined another $5 or $10, and had a mark against your account, and never got back the thing you sold. You'd likely never sell to that customer again, either. Now multiply that by thousands of people doing exactly that to get free stuff... and you can understand why businesses dislike chargebacks. There are certainly legitimate uses for chargebacks, but even then it's likely the business relationship is over.
And yet the biggest digital distribution service in the world that isn't the Play Store or iTunes stopped suspending accounts over chargebacks (and indeed over anything at all) more than three years ago. "Others do it, too!" is not a justification.
 

Tunesmith

formerly "chigiri"
People aren't blaming Sony for this happening outside of there being no excuse for the lack of mandatory two-factor authentication. What they are unforgiving about is how the situation is being handled due to a narrow and heavy-handed policy.



And yet the biggest digital distribution service in the world that isn't the Play Store or iTunes stopped suspending accounts over chargebacks (and indeed over anything at all) more than three years ago. "Others do it, too!" is not a justification.
Steam still very much suspends for payment fraud / chargebacks.
 

JaseC

gave away the keys to the kingdom.
Steam still very much suspends for payment fraud / chargebacks.
A somewhat common misconception. Then:



Now:





(Not my images.)

Doing a chargeback results in the worst-case scenario: the inability to add to your library and access Steam Community (although the restriction is automatically lifted after nine weeks, should you choose to not pay the money back). You'll never lose access to your current library as the whole point of the restriction system is that the user can still access the games they purchased while their account was in good standing, which wasn't the case before.
 

Tunesmith

formerly "chigiri"
I meant that they suspend service available to your account. Sorry for not clarifying, I don't believe any online storefronts prevent access to previously acquired libraries if payment disputes arise.

There's also this, which does not clarify the restrictions, but that's common language usage when you're looking to get a clear concise message across to masses (same reason most suspension notices doesn't go into details about offenses committed):

https://support.steampowered.com/kb_article.php?ref=5406-WFZC-5519
 

JaseC

gave away the keys to the kingdom.
I meant that they suspend service available to your account. Sorry for not clarifying, I don't believe any online storefronts prevent access to previously acquired libraries if payment disputes arise.
Well, Sony does. That's why this thread has reached the point where the OP is pursuing legal recourse -- he'll lose everything if he files a chargeback:

Playstation support said If I do a chargeback they will ban my account and blacklist my consoles. My account is worth quite a bit more than the £600 i've lost. it's not really an option for me. I was considering taking them to small claims court.

There's also this, which does not clarify the restrictions, but that's common language usage when you're looking to get a clear concise message across to masses (same reason most suspension notices doesn't go into details about offenses committed):

https://support.steampowered.com/kb_article.php?ref=5406-WFZC-5519
The article doesn't clarify the restrictions because its current form has existed since before the system was put in place. It's probably no surprise that Valve's been slow to update its support section. ;)
 

Tunesmith

formerly "chigiri"
Well, Sony does. That's why this thread has reached the point where the OP is pursuing legal recourse -- he'll lose everything if he files a chargeback:

The article doesn't clarify the restrictions because its current form has existed since before the system was put in place. It's probably no surprise that Valve's been slow to update its support section. ;)
Sony restricts access to re-download content (by virtue of preventing you to browse download histories I believe?) but won't revoke licenses on content you have locally. Sony's going the extra mile there aggressively I would agree.

Valve has no service level agreements on their support so that the fact the support article is old doesn't surprise me at all, heh.
 

JaseC

gave away the keys to the kingdom.
Sony restricts access to re-download content (by virtue of preventing you to browse download histories I believe?) but won't revoke licenses on content you have locally.
Oh, by "previously-acquired libraries" you were referring specifically to installed content? I'd expect that to be left alone. I was actually going to include a footnote along the lines of "Well, I assume installed games would still be accessible" but figured it didn't need to be said. ;)
 
I went through the small claims court and they settled before it went to court.
Probably cheaper for them to do this than the costs of having people attend on their behalf?

I suppose they assume most people wouldn't got to the efforts you did, but £598 is £598!

And well done, you got your money back without losing your ps account as you might have with a chargeback.