Support NeoGAF

[itsgreen]

For everyone freaking out at sony and claiming this was handled so "terribly"

Lets be realistic here and look at the timeline of events:

Last week Sony detects an intrusion on their network, they begin an investigation to find out how serious the intrusion is. Someone has to make the heavy financial decision to figuratively (and literally) pull the plug on the PSN in order to further protect themselves, developer's and the consumers. I am sure that decision was not easy to make but necessary.

Then they begin an investigation to determine how the intrusion was made and take the necessary steps in order to resolve this issue.
This of course all takes place leading into a Easter Long Weekend where even employees at Sony have lives, and probably either were gone for holiday's or going to visit relatives or whatever normal people do for long weekends.

I think that's a big key in what people are missing, it happened over a long weekend, when a large number of the team was very likely unreachable, including the PR department, for many Tuesday (today) is the first day back to work.

So they being last Thursday / Friday investigating the issue, trying to determine the severity of the attack, what information was at risk, what information was made available etc..
The weekend comes into play, given the state of emergency, I am sure Sony had employees working around the clock, they discover the extent of the issue and what information was taken.

Come Monday they are trying to get security people into work, get them up to speed on what happened, get meetings underway on what to do to deal with it, and decide 100% for sure how to move forward.

Finally Tuesday morning, PR people are back to work, major bosses are back to work, everyone is brought up to speed, a head honcho makes the saddening decision that they need to tell the consumers what has happened, and finally they come forward and let us know.

Really how else could it have gone? These decisions aren't light hearted decisions, they have heavy repercussions and nobody at Sony wanted to have to come forward and tell everyone what happened without being 100% positive because of the obvious (as evening news can tell) negative impact of the news.

Yeah. No. I am 100% confident that nobody has had 1 minute off during the weekend. So that whole time line doesn't make sense.

There is not a chance in hell that PR people weren't busy 24/7 during the weekend. But the problem most likely was they haven't got any news.

The full extent wasn't clear and they don't want to scare people. What they did know was that the problem wasn't going to get bigger even though they didn't know the full extent.

I would absolutely trust the people at Sony PR simply because if they would purposely lie and deceive, the company is broke.

 

[Blimblim]

(1) Citation needed. I'm not being snarky, I'd genuinely like to see the evidence.

(2) One person is not comparable to the personal information of millions of people. One is an inconvenience, the other is industrial-scale incompetence bordering on the criminal.

Bordering?

 

[godhandiscen]

How easy is this to do?

What is the best way to fix this so it will never happen again?

Is this something that could happen to XBL?

Good lord no. It would be horrible is MS allowed SQL injection.

 

[Rebel Leader]

Has anyone called the 3 credit report companies (Experian, Equifax and TransUnion)

Is it fully automatic or do you actually talk to a person? My mom doesn't want to talk to "stupid people".

 

[MechaX]

Then they begin an investigation to determine how the intrusion was made and take the necessary steps in order to resolve this issue.
This of course all takes place leading into a Easter Long Weekend where even employees at Sony have lives, and probably either were gone for holiday's or going to visit relatives or whatever normal people do for long weekends.

I think that's a big key in what people are missing, it happened over a long weekend, when a large number of the team was very likely unreachable, including the PR department, for many Tuesday (today) is the first day back to work.

I... whoa... I... You're seriously going with this? Seriously?

Dude, any huge corporation just doesn't go "Hm.. there's definitely suspicious activities in our network that houses the personal and credit card data for about 70 million accounts but... HOLY SH- EASTER! EVERYBODY CLOSE SHOP NOBODY WORKS EVERYBODY GOES HOME NOBODY IS ON CALL CELEBRATION TIME"

 

[JaseMath]

Some of you Sony apologists should apply to work in the Sony PR department.

 

[Dreamgazer]

....

Why not ill bite.


If you don't use AV, Firewall and a password on your pc, and you end up getting hacked.. Who has the bigger blame... The hacker or you?

Do you go around telling rape victims ""Don't like getting raped? then don't dress like a slut!"?

The obvious person at fault for the CRIME is the person with the criminal intent who carried out the crime.

Sure, the victim has the RESPONSIBILITY to reduce the likelihood of a crime to the best of their effort (and if anyone were to sue, we would be suing on that matter).

However, that has nothing to do with the fact that the Damages done to them (loss revenue, consumer goodwill, lawsuit) was incited and soely done by the f-ing hacker who did this.

Equally, if you got hacked, it is the hacker who should be taking the blame for inflicting damage onto you.

(Should grandma and grandpa be blamed because they did not know they were suppose to install AVG on a computer? No.)

 

[RyanDG]

Has anyone called the 3 credit report companies (Experian, Equifax and TransUnion)

Is it fully automatic or do you actually talk to a person? My mom doesn't want to talk to "stupid people".

Fully automated. You can even do it online.

 

[HomerSimpson-Man]

As a 360 only user, I'm truly sorry you guys have to go through this BS. :/

There's probably a few 360/Wii users in this thread that will try to get a dig in at your/Sony's expense. Shame on them I say.

It all fun and (video)games when we're warring over digital characters on boards, but this...yeah.... :/

 

[Seraphinianus]

XBL gets hacked probably 30 times a day.

You pay someone 200 bucks to steal someone's Gamertag and personal information and it's done.

isn't that through social engineering? totally different.

 

[dreamer3kx]

Will you guys still purchase from psn store and keep a CC attached, curious? I will.

 

[soldat7]

I hope we each get the chance to kick these guys in the nuts.

 

[bon]

I hope Sony is planning to give us a free game or something to make up for giving our identities away.

 

[Commanche Raisin Toast]

Really?

So they just shut down PSN a week ago for funsies?

there's a difference between discovering someone got into the PSN and knowing they got to personal information. they shut it down as soon as they realized they had been hacked. then they hired a company to investigate. then at some point they found out personal info was compromised.

that's the unknown. not when sony found out they were hacked, but when they found out personal info was accessed. if a company told everyone their personal data was compromised any time a hack attempt was even performed on them it would be chaos.

could you imagine the outrage if sony told us a compromise took place before they even knew if it happened or not? then tons of people canceled their CC's and freaked out only to find that sony said "oops nvm nothing was compromised, sorry".

it makes perfect sense to alert people that a hack took place right after it was discovered, and then alert them to data compromises once THAT has been discovered. not "we had a weird disturbance on the PSN the other day, but for all we know it could be a hacker. we suggest you delete your bank accounts, sell all your personal belongings and go live in a cave for 10 years."

 

[CrushDance]

I hope Sony is planning to give us a free game or something to make up for giving our identities away.

......

 

[jackdoe]

XBL gets hacked probably 30 times a day.

You pay someone 200 bucks to steal someone's Gamertag and personal information and it's done.

I don't understand why you are still trying to defend Sony here. They are liable if any information was stolen and it has been a pain in the ass to change passwords that I even think has some small connection to my PSN password so I fully blame Sony. I still think Xbox Live Gold is a ripoff, but I fully blame Sony for not informing us of this the second they had their doubts. Rumors on numerous websites doesn't count as "informing".

 

[Arpharmd B]

gonna be bad for celebrity ps3 owners.. they might get stalked and receive phone threats..

Celebritie women have Wii's not PS3's.

 

[Phonomezer]

Then they begin an investigation to determine how the intrusion was made and take the necessary steps in order to resolve this issue.
This of course all takes place leading into a Easter Long Weekend where even employees at Sony have lives, and probably either were gone for holiday's or going to visit relatives or whatever normal people do for long weekends.

Poorest excuse yet.

 

[UberTag]

As someone who has a credit card still linked to PSN and is directly impacted by this news, I can safely say that Sony has now made "the list".

It's not that I can't get my card replaced; it's mildly inconvenient, sure. But it's not the end of the world.

It's simply a matter of principle. I can't support a company with my hard-earned dollars that conducts itself in such an egregious fashion.

Activision is on "the list" as well and I haven't purchased any of their games new in roughly 5 years and I'm not losing sleep over it.

There will be no NGP purchase.
There will be no Uncharted 3 purchase unless I pick it up second-hand off someone.
I will keep my existing PlayStation systems to clear out backlog but I will not be buying any DLC.
Over the years I have purchased the PS2 twice, the PSP three times and the PS3 once (all brand new).
There will be no more purchases/rentals of any Sony electronics or personal hardware of ANY KIND.
They'll get whatever portion of BluRay licensing fees they collect from companies whenever I buy a non-Sony BluRay disc but it's not like I buy many of those.

My financial security and trust was violated so they will no longer see a single drop of revenue from me. Hopefully for Sony the other 77 million people aren't feeling the same way.

 

[Mama Robotnik]

Do you go around telling rape victims ""Don't like getting raped? then don't dress like a slut!"?

The obvious person at fault for the CRIME is the person with the criminal intent who carried out the crime.

Sure, the victim has the RESPONSIBILITY to reduce the likelihood of a crime to the best of their effort (and if anyone were to sue, we would be suing on that matter).

However, that has nothing to do with the fact that the Damages done to them (loss revenue, consumer goodwill, lawsuit) was incited and soely done by the f-ing hacker who did this.

Equally, if you got hacked, it is the hacker who should be taking the blame for inflicting damage onto you.

(Should grandma and grandpa be blamed because they did not know they were suppose to install AVG on a computer? No.)

Did you just compare Sony to a fucking rape victim?

 

[LowParry]

I hope Sony is planning to give us a free game or something to make up for giving our identities away.

Maybe your money back?

 

[ragingdrunk]

Has anyone called the 3 credit report companies (Experian, Equifax and TransUnion)

Is it fully automatic or do you actually talk to a person? My mom doesn't want to talk to "stupid people".

You can go to annualcreditreport.com and you don't have to actually talk to anyone. It will give you all 3

 

[timetokill]

Damn, it's crazy but if Sony had hired Geohot then maybe he could've improved their security and this wouldn't have happened

Spoiler

 

[Morn]

Well, you're the one that's pointing the finger at that one guy and saying he was the culprit behind this international data theft.If its that easy, I don't know what he isn't already arrested.

If anything, that way worse. I'm only reacting to your post. Anyhow, there's absolutely no reason to call me mentally disabled or slow

You insinuated that looking up IP information was some federal crime. It isn't.

http://trasir.com/ is probably one of the best sites to use too. Very clean and quick.

 

[Rebel Leader]

Fully automated. You can even do it online.

Thanks. Do we need to call all 3 or just 1?

 

[Persona7]

Has anyone called the 3 credit report companies (Experian, Equifax and TransUnion)

Is it fully automatic or do you actually talk to a person? My mom doesn't want to talk to "stupid people".

You can do it online.

 

[Jburton]

Some of you Sony apologists should apply to work in the Sony PR department.

Lol, and some of the drama queens on here should seek employment on Broadway.

Both extremes present in this thread ....... also a shit load of self righteousness and I told you so's.

 

[AgentChris]

I miss the days back when Sony would just let me manually input my debit card info upon each purchase. Yes it was tedious, but it was safer.

I want this going forward for PSN. Not storing my CC info anymore.

 

[StopMakingSense]

Has anyone called the 3 credit report companies (Experian, Equifax and TransUnion)

Is it fully automatic or do you actually talk to a person? My mom doesn't want to talk to "stupid people".

Well, to put an alert on your credit, you only need to do a report to one bureau, as it will communicate to the others. It makes it so no one can get credit using your social without the creditor calling you first. I would then check your report a month later to check for any erroneous info.

 

[Relaxed Muscle]

Or they found out today and put out an official statement today, 2 days ago all they could say was they weren't sure.

They did shutdown PSN for 6 days as now, they knew something happened, they might not knew for sure data was stolen, but certainly that wasn't ruled out so they should made a warning announcement something like:"We suffered an hacker attack, data "MAY" be stole,check your CC closely and inform of any problem, sorry, we'll keep you informed when the contracted 3rd party security firm ends his investigation".

Even if in the end nothing happened causing damage and overreaction, it would have been way better than "Hey you know we closed PSN six days ago? it was because hacked entered our networks, also your data is exposed, SORRY!"

 

[itsgreen]

I think this might be Sony's red ring. This could cost the company billions.

Stock drop, compensation, down time, missed income, bad press, less console sales when it hits the big news..

This sucks.

 

[mr_nothin]

The fuck is wrong with you people?

You had to work over Easter weekend too?

 

[Mailenstein]

Lol, and some of the drama queens on here should seek employment on Broadway.

Both extremes present in this thread ....... also a shit load of self righteousness and I told you so's.

Joke post?

 

[Vire]

http://www.youtube.com/watch?v=MFiU6iORGsc

Haha oh ELPRESADOR... never change.

It's sad because half the shit he says is actually true.

 

[Jburton]

Did you just compare Sony to a fucking rape victim?

Seems this thread is about to come to a natural end.

We are entering the realms of stupidity.

 

[Four_Chamber]

Did you just compare Sony to a fucking rape victim?

This is unbelievable

I've seen horrible analogies but this is a new level. Not only that, the post is full of egregious bolding.

 

[Persona7]

i think my identity is worth a free copy of Arcana Heart 3

 

[robotzombie]

Did you just compare Sony to a fucking rape victim?

Did you just avoid his/her point because pointing to that comparison which was used for effect was easier than actually making a legitimate argument?

 

[Kyoufu]

Seems this thread is about to come to a natural end.

We are entering the realms of stupidity.

Entering?

lol

 

[RyanDG]

Thanks. Do we need to call all 3 or just 1?

Just one. The other 2 will be notified automatically.

 

[I3rand0]

Has anyone called the 3 credit report companies (Experian, Equifax and TransUnion)

Is it fully automatic or do you actually talk to a person? My mom doesn't want to talk to "stupid people".

Sign up for a Credit Monitoring service, lock your credit report, and send a fraud alert to all three companies. I use the Equifax Complete Advanatage service and it's great peace of mind. You can also have them track online your SSN and any credit cards you may have and automatically be notified if they detect something suspicious.

http://www.equifax.com/compare-products/

 

[Rebel Leader]

Well, to put an alert on your credit, you only need to do a report to one bureau, as it will communicate to the others. It makes it so no one can get credit using your social without the creditor calling you first. I would then check your report a month later to check for any erroneous info.

Ok thanks.

 

[UberTag]

I think this might be Sony's red ring. This could cost the company billions.

Stock drop, compensation, down time, missed income, bad press, less console sales when it hits the big news..

This sucks.

This is on a completely different level than a red ring in terms of reputation damage and possible fallout.
Nobody here has any kind of idea just how measurable the impact will be.

 

[Arpharmd B]

I kind of wish I was smart enough to be able to hack.

 

[patsu]

they could have said, "there may have bee a security breach, customers may want to keep an eye out and change your passwords" days ago. instead, they basically kept quiet until the story got too big to handle and folks like the BBC got involved.

They already said it's an intrusion a few days ago.

 

[Dreamgazer]

Did you just compare Sony to a fucking rape victim?

Yes.
but feel free to switching to anything less serious.
Like a Yankee fan who chooses to wear his Yankee Jersey in Boston after a losing red sox game - who then proceeded to get beaten.

How about that?

It's just to show a point

 

[Vamphuntr]

Lol, and some of the drama queens on here should seek employment on Broadway.

Both extremes present in this thread ....... also a shit load of self righteousness and I told you so's.

I thought that posting a "I'M BETTER THAN EVERYONE IN THE THREAD" was a big no no.

 

[SolidSnakex]

i think my identity is worth a free copy of Arcana Heart 3

If a free game is given away then it's going to be one of Sony's own titles. So think of something along the lines of Warhawk (if they do give away something).

 

[Agent X]

This royally sucks. I can't even express in words how sickened I am by this.

I've been a loyal fan of Sony and their systems for a very long time, but my faith in Sony has been shaken hard today.

 

[Hex]

So...all week the service was down and nobody had money stolen but now a week later that Sony says it might be compromised everyone is so positive that their bank accounts are fucked even though nothing has been touched.
Fantastic.
Brilliant even.
Carry on.


It sucks that personal information is stolen.
Unfortunately or perhaps fortunately I already dealt with that with the Gawker mess.