• -
  • irishtimes.com - Posted: April 27, 2011 @ 7:57 am

    Playstation Network remains shut down

    Ciara O'Brien

    Well isn’t this a massive mess. Sony’s Playstation network has been hit by a major attack and, if you’re registered with it – as 77 million people are – your personal details may now be in the hands of…who knows?

    It’s been a week since PSN was shut down, and in that time, Sony has apparently been working to find out exactly what happened. In that time it’s gone from a mild inconvenience about not being able to access online games to a potential security nightmare for PSN and its customers.

    The company has defended the length of time it took to notify customers of what had happened. This was posted on the Playstation blog yesterday:

    “There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident. It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.”

    What’s more disturbing is that we don’t know yet exactly what information has been stolen – email addresses? User names? Credit card details? The only advice Sony seems to have is to keep an eye on your credit card statements for suspicious activity.

    From Sony’s FAQ on the outage:

    “Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information provided by PlayStation Network/Qriocity account holders: name, address (city, state, zip), country, email address, birth date, PlayStation Network/Qriocity password, login, and handle/PSN online ID. Other profile data may also have been obtained, including purchase history and billing address (city, state, zip)….If an account holder provided credit card data through PlayStation Network or Qriocity, it is possible that the credit card number (excluding security code) and expiration date may also have been obtained.”

    I’m a little annoyed that at best, some personal profile info and at worst, my credit card details, have been swiped. Sure, that is the risk you take when you hand over your details to a third party, but you expect better from large companies.

    But Sony isn’t the only one who has been hit by such attacks. The news archives are littered with stories of data breaches, from email marketers to retailers. At best, it’s a heap of spam choking your inbox; at worst, it’s identity theft and financial fraud.

    And then there are stories like this one, where companies are breaching data protection law for who knows what reasons.

    • shogun says:

      you dont see problems like this on the xbox 360

    • Gg says:

      this is a complete joke.

    • Clifton says:

      I’m truely sorry for what happen to our next work from our systen I hope sony and the people who was effect for this lost are ok I wish u the best and begin for streat to we can have our online systen running in no time. For the sony people I please ask u to capture the responsable that is done the damage to whon know’s and what kind of intentioins he will have but I will to to her from u guys soon so please eamil me at ice_305_3@hotmail .com I want to hear the lates news daily good luck and let god catch the responsable person for his action’s.

    • Dusti says:

      This Is so crazy how people are,You sony customers should shut up and let this company do there job at fixing this issue,Most of you people need to get another hobble beside playing a video game most of the time,I got one for you like reading a book of World History,

    • Dusti says:

      Everything has there moment

    • doc says:

      not yet for the XBOX360, im just glad i dont use PSN much and have never logged more than my email address!!!

    • annonymous hobo says:

      @shotgun dont forget that 2 weeks xbox 360 had at around christmas a few years back, if the hackers wanted to hack 360 they would, with ease

    • Joe says:

      F*** Xbox PS 3 is the s*** but now it is nothing but s*** free ps3 or trade for xbox anyone sony and the psn should pay the hacker to take care of the system so that this s*** dosent hapen agin Im starting to get black ops withdraws and gitery come on sony you can do it .. You dummys

    • Tom says:

      No-one attacks xbox cos it’s hard to make the xbox and worst than it already is. and don’t forget the Red rings. Sony will get it fixed eventually.

    • K.C.S says:

      Its just unforunated PSN had been target and intercept by hackers. Nothing is promise safe as we knew. Comment by shogun lead nothing but fool. I feel sorry for shogun more than psn crisis. Anything is possible but not impossible. Period….

    • willybum says:

      this is so boring come on Sony its Easter holiday and no one can play there ps3 I’m so close to preistiging on black ops

    • Craig says:

      Dusti, you sir are a d***, who do you think you are telling people what they should do

    • Sachi says:

      Call in the FBI… Please… I miss Killzone 3 D=

    • Sachi says:

      Even though I hardly play… My guy friends won’t knock off they complaints… Do your best =)

    • Paul says:

      Re: shotgun. If it can happen on the ps3 it can happen on the xbox nothing is safe nowadays

    • James Maddison says:

      This is a piss take… when will it be back on? seroiusly considering selling my PS3 and getting an XBOX360…

    • Alex says:

      When will it be going?

    • ENYO says:

      It is impressive how many people want to inform PSN users of how childish their complaints are. Dusti, you read a book, maybe a book on World History…as for me, I am waiting for the PSN to come back up.
      A grown up who reads, enjoys the outdoors, and still loves her PS3

    • ENYO says:

      Come on Sony give us a date/time to look forward to

    • john1 says:

      psn is taking the f***** p*** i feel like i should buy an xbox 360all my friends are saying they are gonna sell there ps3 if it takes more than a week and most of them are or have put it on sale already so if sony does not get online bakk they are going 2 lose out well anyways

      BAD LUCK! i mean good luck sony

    • Paddy Mac says:

      Is everyone who reads this site illiterate bar ENYO seriously there is more gibberish up there than in a Michael Moore film. Do hope Sony get it back up soon though. And Dusti shut up you dumb ass with the c**p you just wrote I doubt you are going through books by the day !

    • Dave McG says:

      On a serious note, i will be curious to find out WHEN the intrusion took place- as opposed to when Sony found out about it and acted on it.
      I discovered that i was the victim of credit card fraud almost 2 weeks ago the activity of which went back to the last week in March. And, yes, i did use my credit card in the past to buy things on the Playstation Network because i had presumed my information was secure. So, if my data was compromised from there this is an insanely long time it took them to react which is either naivity on their part for how accepting customers are of their complacency- or it’s genuine incompetance on Sony’s part. Both of which, at the moment, as equally valid options.

      “Which console is better” is a fairly mute point when talking about the security of the network they operate on- with Sony trying to get into the mainstream digital distribution game (with their new tablet as well as the Xperia Play’s recent release) this sort of attack on them is a major blow to the company, so not fessing up to this earlier completely ruins my trust with ever providing information to them again and i’m sure that i won’t be alone.
      I may, in future, purchase PSN points from a store and redeem them online but Sony as a trusted source to provide data to is no longer an option- flat out.

      The PS3 as itself- not operating online- is still a great console so i really don’t see the point in getting rid of it based purely on a network outage. It’ll be back, since it wasn’t a strictly operational issue.

      The truth is that ANY company operating online is a potential victim to this sort of attack and outage- XBox, PS3, Apple, Mastercard, Visa…

      A lot of the loudly vocal reactionaries will threaten to leave the PS3 behind, but very few have given thought to the fac tthat the XBox online is a paid service- one which i gladly pay for but i know discourages many people- especially people incapable (juveniles) or unwilling to pay (people used to PS3 & PC’s free online gaming).
      I have a PS3 & PC and enjoy not having to pay to play those online too so will just wait for the PS3 service to resume with my PC & XBox.

    • Dave, out of interest, was your card Visa or Mastercard? I’m building something here.

      ETA: Not identitiy fraud. Thought I should clarify.

    • Dave McG says:

      Ciara,
      It was my ViSA Card that i used over the Playstation Network, i literally only use my credit card for games networks (PSN, XBox Live, Steam) and shopping on Amazon.co.uk and Play.com. With one cinema trip booked this year too- which is what i had originally thought had compromised my information but the company has never gotten back to me about my concerns.
      This Playstation attack seems a little too conveniently timed for my liking now, but i’m going to hold out hope for myself and for the 77 million other PSN users that my fears aren’t confirmed!

    • Wow sucks for ps3 gamers lol. Xbox rules !!! :D

    • SdB says:

      Of course this can also happen to the 360, without doubt. However, perhaps we are missing the point here. Why have “anonymous” chosen PSN? Perhaps Sony have done something to attract this attention? Do these huge multi-nationals attract this attention because of their commercial arrogance?
      Is “anonymous” motivation to steal credit card data – dont think so. The motivation is to show Sony what it can do and to show respect to fellow technically savvy individuals.

    • I think Anonymous has distanced itself from this particular attack.

    • SdB says:

      Perhaps, but the point is not whether this is the work of anonymous or not, but the motivations behind the attack.

    • Of course – it’s just for clarity really.

      It will be interesting to see who is actually behind this attack. Obviously I have a vested interest, given that I’m a registered member of PSN.

    • Dave McG says:

      From what it’s generall understood & accepted Anonymous, as a larger group, have denied involvement in the attacks- and i think the fragments of them had claimed to have been behind a DDoS (their usual method of operation) attack that they claimed brought the network down.
      It wasn’t a DDoS attack, it was an ACTUAL database hacking attack, and Sony took the network down as a response to this… they weren’t forced down by massive crippling activity on the network.
      So, the claims made by groups claiming to represent ‘Anonymous’ were entirely incorrect in how they claimed to have affected Sony’s network.

      The motivation that the splinter-group claiming to be ‘Anonymous’ would have been a response to the ‘Geohot’ controversy in recent weeks- and the online community’s response to Sony’s treatment of him… essentially Sony sued him for using his legally purchased equipment in a way that they didn’t agree with (jailbroken/ hacked) and Sony was then granted access to all information pertaining to people who so much as visited his own website or YouTube account- in essence if you happened to click, even accidentally, on a YouTube video by him Sony have received all infromation (IP addresses etc) held by YouTube pertaining to your activity.
      More info at: http://en.wikipedia.org/wiki/Geohot

      However ‘Anonymous’ normally only engages in taking major sites down through DDoS rather than accessing individual users accounts and committing fraud with said information.
      So, it’s a presumed certainty that this wasn’t ‘Anonymous’, and if the person who did this claims to have been from them then they definitely weren’t acting in the capacity with which ‘Anonymous’ have, in the past, engaged.

    • Rick says:

      And in the mean time, everyone that didn’t, should have thought about getting a life for once.

    • Dave McG says:

      @Rick
      I’m going to presume that your “getting a life” comment is based on the people who seem desperately left at a loose end without online connectivity for their games console (though this wasn’t addressed directly by you)- and NOT at the people who have genuine concern over the responsibility of Sony to protect their credit card information provided under the facade of it being transmitted and stored on a secure and responsible network…

      So whether i have a life or not i still have a right to be concerned about all aspects here, i paid for the console, i paid for the tv, i paid for the internet connection, and my PS3 could very well be my web-browser for going online and posting disparaging remarks against people whose hobbies i disagree with on the internet, and right now someone has hindered the ability to use the console for all of this AND could very well be behind the ‘one thousand and something’ euros defrauded off of my credit card.

      My concern here is financial & personal, not self-revelatory, it’s not “oh, i should have taken hang-glider lessons instead! Then this never would have happened!” or “Someone on the internet disagrees with how i spend my free time! boo hoo hoo!”

      G*d knows we could all do with getting out more, but when i’m in and settled of an evening i play computer games- some people read, some watch football/ Master Chef on TV, some people troll internet message boards, some play computer games online…

      This is a serious issue, and if your bank’s security was compromised in a similar way- with your personal information accessed- i don’t think you’d apreciate it if i chimed in with “That’s why i always get paid cash-in-hand. Get a life.”

    • matty says:

      im gutted tht PSN is down, maybe they shud try improve on security aswell

    • Dave McG says:

      On another note, from a PR point of view- regardless of what information was taken- Sony really should have told told subscribers about all of this earlier and directly.
      I get e-mails every other day telling me about offers in the PSN Store, but not one direct e-mail about these difficulties and their network attack. Playstation have reacted to this fairly poorly, announcing it earlier would have helped them weather a much less severe and uncertain storm.

      Sony is still sticking by their policy of not directly saying that credit card information was taken, but that people should check their credit card statements- now, this last week of PSN disruption has pretty much taught us that Sony can’t be trusted to tell it’s subscribers all of the information they need to know so, whether there’s activity on your card or not, i’d recommend cancelling any cards used through the PSN and changing passwords of any services used through there.

      With any potential access that a hacker may have gotten to millions of credit card numbers it’s unlikely that all compromised numbers will be used straight away, so it’s probably in people’s best interests to use caution.
      It might seem extreme but if Sony do come out later and confirm that credit card information was definitely taken then i’d rather have acted on my suspicion than waiting… there’s no loss made and only peace of mind gained.

    • Lee says:

      All I got to say is find the person who did it and beat his a## and lock him up for about 20 years.

    • Conor Mc says:

      I think its a joke that PSN users have only been told about this now and saying today on the news that their was no money stolen and that the only thing that was stolen was email addresses,names and D.O.B.s etc.. I am a PSN user myself and i always thought that the security was up to scratch but i was wrong, because of this i am thinking of switching to xbox but for now i hope that they can sort it out quickly and get back playing PS3.

    • domo says:

      Just reading through the comments on this article and I’ve come to the conclusion that:

      ALL OF YE PEOPLE ARE STUPID.

      That is all.

    • Dave McG says:

      @Conor Mc
      I don’t think there’s a need to switch to XBox (though it is a wonderful platform) as any company operating on the internet could be victim to an attack like this…. though hopefully not on this scale- and the damage at Sony is already done.
      It’s definitely THE reason to limit what information you provide to Sony- PSN credits bought in a physical store is a way around leaving yourself open to any financial fraud, and using a unique seperate e-mail address, made-up date-of-birth, and fudging any other information you can get away without.
      Do that and a hacker will essentially only get are ‘Man McMadeUpSurname’, psn.user123@whatevermail.com and your birthday as 01/01/1901… if you can get away with that i’d definitely recommend it. If that information’s compromised then you’re losing nothing.

    • Shogunsux says:

      Hey shogun, if youre so in love with xbox 360, why do you spend your miserable time looking at a ps3 blog? go get a life

    • alison (OoIRISH ANGELoO says:

      ps3 is a waste… xbox is well better for loads of reasons.xbox is always the same when new modles are you you can stil play with old where ps3 you will hav to buy a new 1 and new games… xbox you get all new maps b4 Ps3 and the graphics are better… xbox allows you to talk to your friends playing different games and have alot more accessories… also as it was mensioned about the red rings that doesint happen on the new model…

    • Conor Mc says:

      @Shogunsux
      I didnt say that i was going to switch to xbox i said that i was thinking about moving to xbox because PSNs service has been down for weeks now and i am getting fed up. More than likely i will stay with PS3 because i prefer it to xbox but if PSN is not back within a few days i will probably switch so get your facts right next time and open your eyes.