Clarifying a Few PSN Points

393 0
Clarifying a Few PSN Points

I wanted to take this opportunity to clarify a point and answer one of the most frequently asked questions today.

There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident. It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.

For those who were looking there’s also an FAQ with some more frequently asked questions

Thank you for your continued patience and support.

Comments are closed.

393 Comments

  • I’m sorry PS Blog members, I gave you the help for the right option, just not for Gmail accounts but rather Google Apps. Sorry about that, here’s the real link:

    http://www.google.com/support/accounts/bin/static.py?page=guide.cs&guide=1056283&topic=1056284&hl=en

  • if possible keep tryin to keep us PSN users updted daily with as much info as u can share until PSN is ready to come back up. Thank you

  • @ 35 @ 41 who cares about you two ladies!? :)

  • @32
    Yeah I’ve seen that movie with Sanda Bullock.
    http://www.amazon.com/Net-Sandra-Bullock/dp/B000CEV3M8/ref=sr_1_1?ie=UTF8&qid=1303872593&sr=8-1

    Seriously, remember why the network was hacked in the first place – I’ll believe the PSN identity theft when I see it. What I can guarantee you is the hackers are getting a great laugh right now reading all of the dramatics – it’s just fueling the fire.

  • @44
    We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network.

    So it started 4/17 and they closed the service down on 4/20. Now call me crazy but if you can’t the days from 4/17 – 4/26 that is 10 days.

  • *count

  • http://finance.yahoo.com/news/Sony-Credit-data-risked-in-apf-1963695372.html?x=0&sec=topStories&pos=main&asset=&ccode=

    Fortunately, I did not spend a lot of money buying stuff on PSN, but Sony is looking to lose a lot of money. I think that Sony needs to publish the precautions everyone needs to take such as contacting the financial institution of the credit card on file with PSN. Sony also needs to post a guide on how to contact the 3 major credit bureaus to place a fraud alert if they believe that they might incur further risk from this security breach. This is a serious matter in which a lot of our vital information has been stolen, and could cause further risks to each one of our finances.

    I hope that Sony takes the correct precautions to go after the breach and also to ensure that our financial information is protected. Sony owes it to its loyal users, and to its main source of profitability, us, the gamers…

  • Okay, lets put it in terms maybe everyone can understand……

    *IF* the said hackster had your CC information for anywhere from 4-6 days…..don’t you think that:

    1. —->You would’ve noticed unauthorized charges already, “they” typically ‘use and lose’ numbers right away before they get canceled. <—-
    2. CC card issuer would've called you to say you've had a high level of charges lately, not typical for you.
    3. A call from a CC application to verify information.
    4. Charges showing up in your transaction records from places you have never been.

    Again, I'm not worried about my stored info….and now we're getting multiple updates in a day….so I'm just playing the waiting game.

  • I am very disappointed with SONY’s incompetence.

    First of all you are one of the world’s top ranking entertainment company and you were hacked such easily, how would I trust you in the future the put on my information (address, credit card) on PSN again?

    Second you could have warned us 5 days ago instead of providing some vague and useless updates on your website. Your PR did a horrible job, showed disrepect to customers.

    Finally, you might have known, several shopping website offer discounts on Xbox360, I believe many players bought a Xbox360 during this week with a 50$ goftcard. I start thinking trading in my ps3.

  • I’m not worried about my CC # I’m worried about my PSN user name and password. Plus they have my name, address, and age along with your secret question and answer. Now call me crazy but it doesn’t take much more info to total screw someone over.

  • @49 not taking any chances. also i had a debit card in psn, not a credit card, and i’m fairly certain they don’t fall under the same fraud protection things that credit cards usually do. I’m not an idiot for wanting to protect myself. You might feel totally smug and safe, but I want to be sure and this will help me put my mind at ease. :\

  • Thanks for the information Patrick.

    @EVERYONE WHO’S COMPLAINING and if you bought a 360 it doesn’t make since to even post on here because you just put a Target on yourself for being dumb and not being a major supporter for Gaming in general.

    Just think to yourself who the real one is to blame. Yes that’s right.

    Blame the Hackers not SONY
    Blame the Hackers not SONY
    Blame the Hackers not SONY
    Blame the Hackers not SONY

  • Amen #27. I agree and to the people making threats (e.g. I just bought an xbox, im not going on psn no more, etc etc) just [DELETED]

  • I swear I’m dissapointed with the general user anymore. Sony has nothing on the incompetence of “you”. The general users, and masses. Talk about the blind leading the blind. With the exception of maybe the few of us; the rest of you seriously need a binki or something. I honestly am going to sound like a jerk here for a bit, but I am so, glad some of you are selling your system(s) and moving over to Microsoft as your major console. Why? Because, you already fit the general profile of the average uneducated Xbox Live user. You cry, rage quit, and complain so, much it makes another persons ears bleed. Personally I’m glad you are leaving. If only you’d take a hint and get off the forums and blog(s) too now.

    Seriously. Sony has done everything by the book thus far. Again. Kudo’s to few who know what they are talking about and keeping up the good fight. Personally I’ve had it with the people.. I mean these mindless nulls. Sorry. Calling some of you human is too much of a compliment.

  • “I wanted to take this opportunity to clarify a point and answer one of the most frequently asked questions today. ”
    — So now Sony isn’t the bad guy and they handled this situation perfectly, eh? >_>

    “There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident. It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.

    For those who were looking there’s also an FAQ with some more frequently asked questions

    Thank you for your continued patience and support.”
    — Wall of Text. Sorry. Also, your “experts” took way too long to forensically analyze the situation and the extend of the damaged cause.

  • @32
    Guess who’s getting the last laugh right now? The ones who hacked the network, as they watch everyone dramatize the entire situation, giving Sony a bad name. I’m sure they’re in it to ring up everyone’s credit card and steal your identity like they did in that Sandra Bullock movie “The Net”. Remember why it was hacked in the first place.

    Don’t blame Sony the network was hacked – these guys would have gotten into anything they wanted to, it just so happens their target was the PSN.

  • I’m not blaming Sony for what happened. The individuals who did this should rot in jail for a very long time. However, I expect them to say something if there is even the slightest chance that my information was compromised. Moreover, I received an email the night or the day after about the PSN store update, but wasn’t notified about the “external intrusion” until 10pm EST on 4/26.

  • Glad to hear you’ve been working hard on this. can’t wait for everything to be working again. I have money burning a hole in my pocket.

    Oh ya I also care about my trophies like #4. I would be more upset if they were erased than if somebody stole my cc. I put more work into my trophies.

  • I want to know about the security of my login. If my password has been compromised, I’ll have to change it and come up with something better. (I’ve already been thinking up some already.)

  • @Rorek_IronBlood
    “Seriously. Sony has done everything by the book thus far.”

    I think maybe that’s the problem there. They might have done things by the book, but they haven’t managed to do the most important thing; keep us feeling assured & secure knowing that our information is definitely safe and the PSN will be back up sooner rather than later.

  • @52. I would like to be sure also, but I’m fairly confident that my debit/CC card will be just fine. They can’t access my SS#, and that’s the humdinger, so I’m good with my ID being my ID.

    I change my passwords about monthly anyways, and just did before it went down. Matches no other password I use (ugh, waayy too many…ty forgot password links…heh)

    And, as noted by CC professional, you should never answer your security questions truthfully. All you need to do is remember how you answered. For ex. What city were you born in? ans: Wonkaville. :) That way if someone actually got to the question, or already knows some info about you, they would still be without the answer to the security question, which is still secret.

    Just an idea for you to ponder.

  • So many of these comments make me want to just bang my head against a desk. Actually, it makes me want to bang some of your heads against a desk. Could Sony have handled this better? Probably. But the way you guys are acting is just disgraceful. “I’m going to sell my PS3 and get a 360!” Good luck with that, you spoiled little children. Paypal, American Express, Capitol One, the FBI itself, and, yes, X-Box Live have all been hacked at one point or another. There is no such thing as a completely secure network. Maybe if you actually did a bit of research instead of crying about this, you’d know.

    Blame George Hotz. It is his hack that is directly responsible for this. Fight the real enemy, people.

  • @Ness_and_Sonic
    I think the general consensus is that after the PSN is restored (eventually) we should all be:

    1. Removing our credit card & address information from our PS3 and getting PSN cards instead.
    2. Changing our password to a more secure & longer string.
    3. Changing the password to our email address and online bank account.

    @Autoxfool
    That’s a good tip…answering security questions differently to what is really real.

    =P

  • I told you so.

  • @Patrick Seybold

    While we appreciate the fact that Sony provided us with their findings and was honest about it, but what we don’t appreciate is how the possibility was ignored up until the very last minute.

    SCEA Failed to send a notice out to its customers explaining that a possibility of our financial and identity related data may have been compromised and that we should keep an eye our finances as well as make arrangements across the board for securing our well being. You put us in jeopardy.

    In programming when it comes to Real Time programming we say “The right answer late is wrong”. You guys gave us the right answer, but it was way to late and could have been too late to do certain people justice.

    Does SCEA have absolutely no concept of how much damage can be done in 5 days time?

    Some people also don’t use secure passwords. If their email and PSN account shared a password, well you can just imagine the damage that could have been done in that time.

  • In the past I have tried to change my security question and was told that that is one piece of information that I can’t change. A question I have is this: After this incident is cleared up, can we have the option to reset our security question, to allow us that 1 more bit of security for peace of mind?

  • @Nike629:

    I’ll give you that, but at the same time they may also believe that since their target audience is older teens to adults that they should be able to be I do, not know.. Rational? I think it falls also to the user to be able to comprehend and keep a level headed. The fact is that statistically out in real life that not only are at risk everyday of becoming an idenity theft victim, but that everytime you use your card you run the risk of having your information stolen. At all times. The person next to you is always your greatest threat and enemy. Even friends and family can take and steal your information. This is absolutly nothing to complain over as many have. Again while the risk is still there. It remains that no one has come forth with proof that due to this intrusion they are the victim of idenity theft or financial loss (financial theft.)

  • @Autoxfool #61

    I agree with you but what about all the people who didn’t do that. Also, what about other websites and what not that might have the same info as the PSN store. This is probably the largest security breach in history, and the PR for this has been handled poorly. I mean if I can get an email about the PSN store update after the PSN was closed down, why shouldn’t I get an email that my info was possibly taken? That only begs the question concerning the mentality of management. And I think the companies bottom line was more important than the consumer in this situation. I’m not bashing Sony here, however, if happened to them and its not their fault. But the way the handled the situation is at play here. And I’m not so much concerned about my CC info as I am about my personal info and at this moment I can’t even log in to see what information Sony has.

  • @61 tbh I’m not worried about much else because I am really secure with my other passwords (don’t use the same one on multiple sites unless i dont care that much about them) and my email which pretty much holds it all together has the most secure one of all.

    and while the CC info probably is mostly useless to the hackers by now I still feel better about canceling my debit card (which i did already did anyway) even though it was about to expire. i just feel like writing something like this off may not be the best idea. but in the end it is up to the users to do what they think is best with the information they’ve been given.

  • @15, 4 is probably a kid and doesn’t know any better. Remember everyone in here is not an adult with responsibilities. It is Sony’s mistake not his. He loves his trophies so I respect him for asking. @ 4 I am thinking your trophies are cool man. They will sync from your system to your account. .

  • Sony You better buy the rights to left for dead >:(

  • @44 that really 3 days if the server is shut down the 20th. and they have to to do it the legal way.They cant just blurt out “hey everyone your cc numbers being stolen by a hacker”. They might violating your rights as consumer doing it that why they see if it major or minor. They may not have the right t to look in the matter personally or Do they have hire a pvt team ? You have to Understand there 250 divisons of sony they all not nxt door to each other.

    Well if you say its 10 days then check your account and see if it has robbed. if not please stay on top of it. It does nogood to bash sony. “oh man you screwd me” becuase it took these hackers guys 5yrs to break in the system to do these mis deeds. So that should tell you the sercurity was there day one..

  • I could say some other things, but I’ll just stick to your post. –

    Thanks.

  • Hope we may play soon. Let’s if PSN downtime makes it under the other console’s downtime back in 08 :P

    Also good thing I don’t do credit card transactions. That is why I stick with PSN cards!
    And for those that say “Where the PS update?” etc…well
    1. Duh the PSN is down :P Were you guys expecting to buy addons for Uncharted3? LOL
    2. Besides, ill be honest, there has been too many good pstore ocntent passing weeks, so im sure we can hold out for a week w/o new adds ;)

    So what games are you guys playing? Thank goodness got chalange tower out of the way so I can focus on Castlevania :D

  • @mcbuttz78 my post says it all. its up to sony.

  • 1) 4/17 2) 4/18 3) 4/19 4)4/20 5) 4/21 6) 4/22 7) 4/23 8) 4/24 9) 4/25 10) 4/26

    Looks like 10 days to me from the begging of the service being hacked until being notified that my account information has been compromised.

  • @ 54 Rorek_IronBlood

    Someone here talked about “uneducated Xbox Live user” as if he got a PhD degree, while he did not sound like any so called “educated” man at all.

    Sure you can “dissapointed with the general user anymore”, but these “general user anymore” decide the market, this free market. Perhap perhaps you know nothing about econimy and need someone to enlighten you: these “general users, and masses” you indicated, are the customers of SONY, are SONY’s market. You dont care about “general user”, neither do they care about you. But SONY care about these “general users”, you are “glad they are leaving” but SONY is not. You can say what ever you want about XBOX LIVE, but whoever grab those customers wins, thats the reality.

    Many players use same user name and password on different platform and accounts (as SONY admits), SONY sould have sent the warning out sooner so many players can be awares and changed their passwords.

  • @ Bark – well said.

  • Patrick, just quit. Seriously, don’t give us anymore updates. They wont listen. One guy(idiot) said “Also, your “experts” took way too long to forensically analyze the situation and the extend of the damaged cause.”
    should be a t ^
    Are you kidding me? Patrick, whatever you say, the BlTCHES wont listen because the haven’t had their daily dose of CoD pills. 90% of the people here don’t even know what forensic analysis means. (Forensic Analysis in the context of information seucrity is the investigation of computer crime, including the data and evidence collection, analysis and presentation in court.)

    To me that says TIME CONSUMING!

    One guy in the VERY FIRST UPDATE said that people should check their CC info.

    Stop whining people. It will be ok. When PSN is back, you will forget. Except the people saying they’re getting an Xbox. LEAVE NOW! I’ll get the door.

    AND LASTLY, SPACEEEEEEEE!

  • i want my psn back, i’m bored

  • Best thing about downtime. No whining about what the PSN update did or did not contain.

    WHO’S WITH ME?!?! :)

  • Really the legal way. All they had to do is say that there is a possibility that your information has been compromised and that we’re doing a thorough investigation atm. How is that going to violate any law. /facepalm

  • 1) 4/17 intrusion is detected 2) 4/18 calls expert for analysis 3) 4/19 expert begins 4)4/20-4/25 lengthy investigation 5) 4/26 Sony learns personal info was stolen, and notifies us.

  • @81 Bark-n-lice: This is exactly what I had been trying to say this whole time! A fair warning at the start is what they should have done. I understand not wanting to create panic, but this is a lot worse imo.

  • @ Autoxfool there was nothing worth getting in the update.where’s my this and that, i want stuff now. roflmao hahahahah this all sux but you know what, what ya gonna do really. live it out like the rest of us. I found out what type of gamer club i joined the weekend. think I give it a go. ;)

  • agreed

  • good night!

  • oh and there sure are alot of people here that think they could do a better job. I highly doubt 98% of them could. I could but thats Me.

  • @Zhou-ting:

    I garuntee I know a lot more about the economy then you. Garunteed. I also understand though that pointless and petty threats of leaving over to another company is the same as crying out for attention. I’m sure Sony realizes a lot of things more so, then you or I could. Then again. I’m not being paid by Sony as a buisness consultant. You trying to make a stab at me (a poor one at that) is nothing short of laughable to say the least. I’m not the one going around crying out to be compensated or demand a thing from Sony. I don’t go, around sounding like some null following the conformist bandwagon either. Good try though.

    I’ve said what I had to say though and the truth is these nulls can keep on truckin’ if they do, so wish to. Power to them bottom-feeders. Most of them barely grasp the situation and most are content following. Thank the lord(s) I suppose that the internet gives us all this anonymity. Otherwise I’m sure most of them would be laughed at for their behavior.

  • I do not blame Sony for getting hacked.

    I do blame Sony for not encrypting sensitive data for 70+ million of its users.

Please enter your date of birth.

Date of birth fields