The Playstation 3 is IDENTITY THEFT

There's good news, though: apparently Portal now has 100% more J.K. Simmons.

also The National :(

Gran Turismo 5 is so great. It reminds me of everything I loved about GT3 but improved in exactly the right ways.

The first time in three months that I turn this thing on and the PSN is down for two days.

http://art.penny-arcade.com/photos/1261596481_3Fw2MnJ-L.jpg

Speaking to PC World, Sony Computer Entertainment Japan spokesperson Satoshi Fukuoka said the company "has not yet determined if the personal information or credit card numbers of users have been compromised, but that Sony would promptly inform users if it found that was the case."

yikes
http://techland.time.com/2011/04/25/playstation-network-down-for-fifth-day-as-sony-%e2%80%98rebuilds%e2%80%99-from-%e2%80%98intrusion%e2%80%99/#ixzz1KZBYtOJl

hoo boy

I misread the tag "outage" as "outrage"

http://www.giantbomb.com/news/good-news-psn-back-maybe-within-a-week-bad-news-everything-else/3084/

wow.
time for a class action lawsuit here.

heard from someone at microsoft, mood over there is very somber. they realize that the only reason this happened to sony and not them is because sony was put in the crosshairs by the geohot thing. it can happen to any company.

matt, is this big enough that you think it'll mark a change in the business? How damaging is this for Sony in the long run?

they realize that the only reason this happened to sony and not them is because sony was put in the crosshairs by the geohot thing.

man it's terrible for sony. i have no idea how this will all play out though, i'd just be speculating.

but yeah those ghetto prepaid cards aren't so bad! :)

The fun bit is imagining how Gabe Newell must be reacting to all this.

I'll be really curious to see how much of an impact (if any) this debacle has on the NGP since it's going to be PSN-only.

no hacker would be stupid enough to do anything with CC information now. best would be to wait several months. then little purchases here and there.

gah between this and the gawker thing it's enough to make me paranoid for life.

hoping they don't retain card details from over a year ago

why wouldn't they? if they stored all this shit unencrypted and unhashed, they're liable to do any goddamn thing

I'm trying to remember if the credit card info I used to buy Wipeout 2 years ago is before I changed my card or not. This kind of sucks. And I feel dumb for not having removed the credit card info associated with my PSN account after having made that one purchase.

I've checked my bacnk account like 5 times today but like I said any shenanigans wouldn't happen for awhile if the hax0rs are smart (and if they managed to get CC details in the first place, which hasn't been confirmed yet; though all the other information exposed is damaging enough in itself. I mean, with all that's been exposed, a hacker could probably just apply for a credit card in my name.)

eh, I don't think they have enough to do that; Sony's only confirmed that they got names, physical addresses, phone numbers, mailing addresses, birthday, email addresses/PWs, and possibly password security questions/answers. you definitely need more personal info than that (SS# in particular) to get credit, unless of course you've got the same login/password combo for your bank as for your PSN account (do not do this).

not that I'm excusing Sony in the slightest! I have to go to the bank today and get my card killed then disable all my bill autopayments then set them all up again when the new card comes in thanks to their decision to put the Dr. Nick Riviera of data security in charge of their team. they can also go fuck the sun for waiting a full week to give people a heads-up about their personal data being compromised; surely that's in violation of some consumer-protection laws (Gawker at least had the decency to let me know within a day or two of the weekend when all that shit went down). really hard to imagine that they won't get hit with a massive, massive suit over this.

speaking of Gawker, the one good thing about that whole ordeal was that it led me to pull the trigger on the 1Password suite which is why I'm reasonably copasetic about all this bullshit at the moment. imo it's must-have gear for anyone who uses the internet.

yeah, i was just looking at 1Password myself. i haven't done it yet though cause like, what if i need to register for a site at work and don't have 1Password? and what about all my existing sites? there's probably 100 sites i've bought something from over the last several years.

I guess I should go to the bank and get a new card, too. God damn it. This has also affected me at work (I work in the industry) as I had a bunch of content scheduled to release this week and it all got pushed out, so I am probably going to have a shitload of paperwork to fill out this week.

xpost

1password has dropbox sync support for the password list; I just installed both programs on my work computer too and it works great. the iOS 1password apps support it too. I think it's like $40 for the app + the software, which is totally a reasonable amount to pay for peace of mind during a situation like this.

oh and 1password basically adds logins/passwords to its database in realtime as you browse (it's a browser plugin, not just a standalone program) - to add the 100 sites where you've bought stuff from, just visit them, log in normally, and 1password will ask you if you'd like to add it to your list.

Hmm... this is actually weighing heavily on my post-E3 purchase decision. Hope Sony explains this screw up adequately and soon.

1password scares me. Just seems like bad practice to keep passwords "written down" in one place no matter where it is. What if the password for 1password gets hacked, or their service compromised?

that's why you sign up for 2passwords as well

xpost

it's not a service - the passwords (including the master password for the software) are stored locally in a heavily encrypted file; you have the option of putting it in a Dropbox folder & pointing the 1password program towards that location to sync to your devices/other computers/etc. there's no master database for anyone to hack into - they'd have to get into your actual computer and install a keylogger in order to crack it, and frankly at that point you've got bigger problems to deal with.

sorry if I sound like a 1pass sales rep, this thing is just a lifesaver IMO

*registers 3passwords.com*

So what are the minimum number of steps that you guys think people should take in the wake of this security breach? Change of email password? New credit card?

burn everything you own, move to woods

1. change email password; monitor credit card account (btw, you should already be monitoring your cc account anyway so this shouldn't be an additional burden)

2. if fraudulent charges pop up, contest them immediately and change your card number

yeah, i always monitor my credit card account on a weekly basis

Sony have my email address. Why haven't they emailed me to at least notify me?

man I feel like a good principle in this new brave age of cyber terrorism is just to take nothing for granted and get your credit card # changed every 3 months

also change your name, age, and gender every 3 months for maximum protection

My one trick with some of these kind of sites is not to give my real DOB and certainlynever fill in my real phone # or address. Unless I'm being physically mailed something, they dont need any of that. Make my DOB 01/1/someyear, and my phone number 0312345678. And when I order online things, I get em sent to work.

Sony have my email address. Why haven't they emailed me to at least notify me?

They don't have it any more, some guy stole it.

http://www.eurogamer.net/articles/2011-04-28-sony-your-card-data-data-was-encrypted

blocked, i'd say give me the gist but i can read the url i guess

Blocked?

Gist: CC tables were encrypted, no evidence those tables were accessed, still a possibility that they were. Check yo self.

Also they have confirmed that the usernames, passwords, email addresses, addresses, etc. from the user table was unencrypted and has been taken.

Again why am I having to read this in the press? Why haven't I heard from Sony?

Though JimD's explanation is admittedly persuasive

If Geohot taught us anything, it's how good Sony is at encrypting data. They'll have used the same key for all the encryption, probably, and the credit card data will be open to anyone with a few days to leave a computer decrypting.

One of my friends went to the bank to cancel his cards, and they said the data stolen is enough for someone to apply for credit in his name, but I think that was a ploy to sell him a protection plan at £5/month!

Should be ok if I used paypal on PSN Y/N?

¯\(°_°)/¯

here's another take:

http://forums.sarcasticgamer.com/showpost.php?p=645846&postcount=734