The Great 2011 PSN Outage Megathread *Post 1 updated*

Liamario wrote: »

People with modded consoles are the people who hacked the netrwork. The very reason that Sony doesn't want modded consoles out there. :rolleyes:

Is it even known yet who hacked it?

I heard the hackers were soon killed after the hacking by explosives wired to their ps3's

A-Trak wrote: »

What I will say in defence of Sony in this instance is they're commendably honest in their time frames for a fix. They publicly said could be 48 hours before it's back up. A lot of other companies use ambiguous terms such as shortly and ASAP, which just lead to further frustration.

Mmmmm, my words, I hope they're delicious

I'm not saying Sony have no part to blame. But RangeR is implying that the hackers were like Lybian rebels fighting a tyrant.

Sony have some responsibility, but at the same time, hackers will always find a way. Nothing is 100% secure and I think no matter what security Sony had in place people would still blame them for being completely incompetent.

People aren't being reasonable.

Liamario wrote: »

I'm not saying Sony have no part to blame. But RangeR is implying that the hackers were like Lybian rebels fighting a tyrant.

Sony have some responsibility, but at the same time, hackers will always find a way. Nothing is 100% secure and I think no matter what security Sony had in place people would still blame them for being completely incompetent.

People aren't being reasonable.

Reasonable? it's been down for a week. Sony are a massive company with a lot of expertise at their disposal, them being taken down like this is unacceptable really.

Already changed my passwords on any associated accounts, too slow ****as!!

Liamario wrote: »

It's not reasonable to expect a company to have a 100% secure system. There is always away around, whether it be social hacking or human error.
As I've already said, Sony have to take a lot of the responsibility. My issue is with people ignoring the fact that scumbag hackers broke into the system and stole the information. This seems to be getting ignored by some people.

It takes 2 to tango.

I don't think anyone ever mentioned 100% secure. The way I see it, Sony barely hit the 20% secure mark. Not encrypting information is unforgivable.

I'm also not letting the hackers off. However, Hackers are an every day event. Everyone [in the online world] expects to get hacked. Reputable companies should pro-actively protect themselves from attack, not re-actively. Even simple IDS would help.

If Sony had performed due diligence with MY details, all the hackers would have gotten would have been encrypted, useless information.

I feel that you are concentrating on the fact an attack happened,rather than the outcome of the attack.

As much as I HATE analogies on boards... You own a house, you lock the doors. If someone comes a knocking, you vet them before you let them in. You don't put a sign on the door saying that there is loads of money on the other side and then leave the money outside the safe.

amacachi wrote: »

What's still confusing me is the link between the CFW mimicking the dev-consoles and the access to the data. If there is one, there's always the chance it's just a coincidence the two things happened at once.

I don't understand that either. Sony aren't very forthcoming with information.
Security through obfuscation is not real security.

We'll have to agree to disagree.

But, I think we can all agree on this......

My Dad: "Told ya those video games would get ya eventually!"

I didn't ask him to elaborate...

PaddyBomb wrote: »

Does PSN ask for your mobile number anywhere? Anyone else getting loads of poxy survey people ringing their phones?

I'd say this is a co-incidence.

That class action lawsuit against Sony has pretty much been stop before it started, now companies can choose to deal with people 1 by 1 instead of in a large group. If anyone wants to sue Sony in the US they need their own lawyer and to make an orderly line.

http://www.latimes.com/business/sc-dc-0428-court-class-action-web-20110427,0,1239412.story


Also would cover otheros as well.

Mayo_Boy wrote: »

How do you know when your email is hacked?
Should I change my password to be on the safe side?

Well in my account, some bastard in Venezuela hacked into it and sent spam emails to 3 of my contacts, the messages made absolutely no sense, it was like random characters eg: gk5ksodoc021&osa and then a link to some drug website.

And ya I would change my password if I were you, it only takes a few seconds.

Ciano35 wrote: »

Well in my account, some bastard in Venezuela hacked into it and sent spam emails to 3 of my contacts, the messages made absolutely no sense, it was like random characters eg: gk5ksodoc021&osa and then a link to some drug website.

And ya I would change my password if I were you, it only takes a few seconds.

I've had that before with the drug website, fairly sure it's not related to the PSN hack, just a coincidence

I'd say credit card company's employee's heads are wrecked.

Q: Are you working with law enforcement on this matter?
A: Yes, we are currently working with law enforcement on this matter as well as a recognised technology security firm and local law enforcement to conduct a complete investigation. This criminal attack against our system and against our customers is a criminal act and we are proceeding aggressively to find those responsible.

Q: Was my personal data encrypted?
A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.

Q: Was my credit card data taken?
A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however, that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system.

Q: What steps should I take at this point to help protect my personal data?
A: For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your statements.

Q: What if I don’t know which credit card I’ve got attached to my PlayStation Network account?
A: If you’ve added funds to your PlayStation Network wallet in the past, you should have received a confirmation email from “DoNotReply@ac.playstation.net” at the email address associated with your account. This email would have been sent to you immediately after you added the funds, and will contain the first four digits and last four digits of your credit card number. You can also check your previous credit card statements to determine which card was attached to your PlayStation Network or Qriocity accounts.

Q: When or how can I change my PlayStation Network password?
A: We are working on a new system software update that will require all users to change their password once PlayStation Network is restored. We will provide more details about the new update shortly.

Q: Have all PlayStation Network and Qriocity users been notified of the situation?
A: In addition to alerting the media and posting information about it on this blog, we have also been sending emails directly to all 77 million registered accounts. It takes a bit of time to send that many emails, and not every email will still be active, but this process has been underway since yesterday. At this time, the majority of emails have been sent and we anticipate that all registered accounts will have received notifications by April 28th. Consumers may also visit uk.playstation.com/psnoutage and www.qriocity.com for notices regarding this issue. In addition, we have taken steps to disseminate information regarding this issue to media outlets so that consumers are informed.

Q: What steps is Sony taking to protect my personal data in the future?
A: We’ve taken several immediate steps to add protections for your personal data. First, we temporarily turned off PlayStation Network and Qriocity services and, second, we are enhancing security and strengthening our network infrastructure. Moving forward, we are initiating several measures that will significantly enhance all aspects of PlayStation Network’s security and your personal data, including moving our network infrastructure and data center to a new, more secure location, which is already underway. We will provide additional information on these measures shortly.

Q: Has Sony identified the party or parties responsible for the PlayStation Network hack and subsequent theft of personal information?
A: We are currently conducting a thorough investigation of the situation and are working closely with a recognised technology security firm in order to find those responsible for this criminal act, no matter where in the world they might be located.

Q: When will the PlayStation Network and Qriocity be back online?
A: Our employees have been working day and night to restore operations as quickly as possible, and we expect to have some services up and running within a week from yesterday. However, we want to be very clear that we will only restore operations when we are confident that the network is secure.

any word of them restoring the any OS feature?

This is just another example of why you get better service with pirate games, music and movies, the paying customer gets their identity stolen and screwed over. the gimp who pays, gets their name address and mothers maiden name slapped in an unencrypted database, by a company who taunts an entire community of millions of hardcore computing ninjas to try and steal them.

I spent 4 hours trying to get a legit copy of portal 2 to work on my friends PC because steam didn't like belkin routers and firewalls. meanwhile my other friend gets it from bit torrent and has not a bother.

GeoHot didnt deserve to be dragged through the legal system for what he did. Sony should have hired him to help secure their network and their future consoles to protect their users and their business.