Sony Public Relations Posts Grim Update On PSN Situation.
By on April 29th, 2011

HUGE ALERT TO ALL THOSE READING THIS: If you use one password on all services online then stop reading this post and go change ALL of those passwords. Done? Okay, good. Read on.

PSNup

Here is the bad news: your Credit Card information has probably been stolen. Here is the extremely bad news: the hackers also know where you live and your phone number, as well as the password that you use on most of your services (if you are the one password is enough for a bajillion accounts I am very secure!kind of person). Here’s the gist:-

What they have stolen:-

  • Name
  • Address
  • Country
  • Birthday
  • Email Addresses
  • PSN ID/Password
  • Probably Your Trophies As Well

What they might have stolen:-

  • Purchase History
  • Credit Card numbers used for purchase
  • Security question on your PSN account (which is usually the same across many platforms, so change this one too)

What Sony officially advises you to do:-

If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit or similar types of reports.

How did the hackers obtain your password in the first place?

Why, it was in plaintext, my good man!

<user2>  creditCard.paymentMethodId=VISA&creditCard.holderName=Max&
creditCard.cardNumber=**********&creditCard.expireYear=****&creditCard.
expireMonth=*&creditCard.securityCode=***&creditCard.address.address1=
example street%2024%20&creditCard.address.city=city1%20&creditCard.
address.province=abc%20&creditCard.address.postalCode=12345%20

<user2>  sent as plaintext

<user3>  uh

<user3>  did you censor that card?

<user2>  ya its fake

<user3>  good

<user1>  wow, plaintext :S

<user5>  plaintext wow

<user3>  im never putting in my details like that

<user2>  ya is all fake lol

<user2>  i never used cc on ps3

<user2>  normally you ATLEAST enccrypt the securtity code, even if its ssl

PSNDRM

As the entire chat log of the hackers while they were penetrating the PlayStation Network shows at one point of time, I really cannot believe that a network that puts so much Digital Rights Management (DRM) protection on every game manages to store passwords without any kind of encryption. Thoroughly unbelievable. It is going to take a lot of coaxing from them for me to get back to the network. Thoroughly disgusting and outrageous.

Tags: , , ,
Author: Kaushik Google Profile for Kaushik
A mobile technology lover and a Strategy and RPG-game fanatic. I also enjoy astronomy and programming. I am a biotechnology engineer learning through this fascinating subject while poring over computer science. Hit me up on Twitter for more

TCA Lakshmi Narasimhan has written and can be contacted at kaushik@techie-buzz.com.
 
Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN