Skeith

Irish.

Tai vienas iš Irlandijos symbolių - Irish leprechaun

LRyte staripsnis buvo sendien dienos numery,manoma,kad i piktadariu rankas pateko pasenusi 2007m duomenu baze,kurioja laikoma informacija apie 12,7tuks.kreditiniu numeriu.Jie priklauso arba priklause Vokietijos,Austrijos,Nyderlandu ir Ispanijos pilieciams. Tai kas nesiregistrave minetose salyse gali atsikvept

 

Deja neteisingai supratai.

Tai duomenys kurie buvo pavogti kada buvo atakuoti SOE serveriai o ne PSN serveriai. Ankščiau buvo galvota kad SOE serveriai nebuvo atakuoti.

We had previously believed that SOE customer data had not been obtained in the cyber-attacks on the company, but on May 1st we concluded that SOE account information may have been stolen and we are notifying you as soon as possible.

Štai ką SONY pasakė apie tai.

Thor.God.of.Thunder

3.60 + only

PSN paskyrų diagrama ir kaip hakeriai nuhakino PSN

Galvojate kiek vartotojų duomenų buvo pavogta per PSN ataką ir kokiame regione kiek? Markas MacDonaldas tweeteryje paskelbė diagramą, kuri parodo kiek ir kur.

Ši diagrama buvo padalinta visiems žmonėms Sony press konferencijoje dėl PSN atakos, kuri vyko Gegužės 1.

Sony taip pat parodė kaip hakeriams pavyko atakuoti PSN. Diagrama žemiau.

Nebukite apgauti, tikėdami kad gausite taip vadinama kompensaciją

Neversiu pirmą tekstą nes matau kad visi tik į haliavą žiuri.

Naujienas talpinu iš oficialios HACK svetainės ir tiesiog neturiu laiko versti. Galiu išvis nieko netalpinti jeigu norite. Deja nesu Leituvis - todėl man labai sunku išversti tekstą.

Išverčiu viską, ką pažymėjau raudonai.

Nors 30 nemokamų PS+ dienų įdomus pasiųlymas, ar Sony nenori padaryti didžiausią klientų apiplešimo akciją, prisidengiant compensaciją?

Pagalvokime minutelę apie tai. PS+ duoda galimybę savo pirkėjams gauti exclusive žaidimus ir kitus dalykus už mėnėsinį mokestį. Kada perki PS+ - aiškiai matome kad jeigu jus neperkate toliau PS+ pasibaigus galiojimo laikui, visi jūsų gauti "nemokami" žaidimai bei PS+ specialus dalykai tiesiog nustoja veikti kol jus vėl nenusipirksite PS+ (praktiškai jus prarandate viską kad buvo PS+ , jeigu nenusipirksite jo vėl. Panašu į narkotiką )

Sony pasakė kad duos Sony exclusive kaip kompensaciją už PSN neveikimą. O reiškia galbut tai kad Sony planuoja apiplėšti vėl savo vartotojus? Sujunkite šį pažadą su 30 dienų PS+ ir ką jus gaunate? Didelią apgavystę, kuri apgauna jus kad jus pabandytumėte PS+ servisą ir priversti jus paskui už jį mokėti (tapti pirkėjų).

Dar tie vartotojai, kurie pradės naudotis PS+ servisais, tokiais kaip online storage - o galės jie atsiimti savo seivus ir t.t. kada nemokamo PS+ laikas baigsis? NE. NE GALĖS. Jiems reikės iš naujo nusipirkti PS+ 60 dienų begyje kad atgauti savo duomenys. Neblogai, jo?

Aplamai pažiurėjus - visa tai panašu į nesažiningą taktiką čia... ir galbut reikia saugotis tos taip vadinamos "kompensacijos"

Dont Be Fooled By Sony’s So Called Offer Of Compensation

Complimentary Offering and “Welcome Back” Appreciation Program

While there is no evidence at this time that credit card data was taken, the company is committed to helping its customers protect their personal data and will provide a complimentary offering to assist users in enrolling in identity theft protection services and/or similar programs. The implementation will be at a local level and further details will be made available shortly in each region.

The company will also rollout the PlayStation Network and Qriocity “Welcome Back” program, to be offered worldwide, which will be tailored to specific markets to provide our consumers with a selection of service options and premium content as an expression of the company’s appreciation for their patience, support and continued loyalty.

Central components of the “Welcome Back” program will include:

* Each territory will be offering selected PlayStation entertainment content for free download. Specific details of this content will be announced in each region soon.

* All existing PlayStation Network customers will be provided with 30 days free membership in the PlayStation Plus premium service. Current members of PlayStation Plus will receive 30 days free service.

* Music Unlimited powered by Qriocity subscribers (in countries where the service is available) will receive 30 days free service.

Additional “Welcome Back” entertainment and service offerings will be rolled out over the coming weeks as the company returns the PlayStation Network and Qriocity services to the quality standard users have grown to enjoy and strive to exceed those exceptions.

While an offer of 30 days free PS+ itself is a nice gesture, are sony about to make the mother of all screw ups under the veil of compensation?

Lets think about this for a minute, PS+ allows its subscribers to gain PS+ exclusives, and free content on a monthly basis. When you subscribe to PS+, it is made clear that any content downloaded that is PS+ exclusive may be subject to expiration at the end of the PS+ subs period, unless that subs is renewed (basically you lose the content unless you renew the subs in time).

Sony have stated that it will be offering Sony exclusives as compensation for the recent PSN downtime. Does this mean sony are about to rip its users off yet again? Combine this with the 30 days free ps+ offer and what do you get? A big compensation trick to fool you into effectivly trialling the service, and to tempt you into subscribing for a longer period.

Theres also those users that will use the online saves feature ps+ offers, will those users be able to grab their saves, after the 30 days free has expired? No they will not, they will have to subscribe again to PS+ withing 60 days to be able to obtain their own content. Nice.

All in all, it seems sony have some dirty tactics at play here… and maybe this offer should actually be avoided at all costs.

Ačiu jums

... * They stated again that they don’t believe any CC numbers were taken but they said you should keep an eye on your credit card statements.

* They will be working with the FBI to conduct a full criminal investigation

* Out of 77 million users, about 10 million had active credit cards (ONLY 10 million?) - Mano manymų todėl 10 millionų tik nes protingieji pašalino visus savo duomenys kai tik sužinojo kaip Sony juos laiko neapsaugotai. Aš irgi tai padariau ...

 

 

ka cia pezi, niekas nezinojo kaip sony saugo ju duomenis iki vagystes, todel nieks nieko nedare, o jau po vagystes niekas negali nieko pasikeisti ar pashalinti , nes NULUZES PSN, tai man labai idomu kaip tu pats pasalinai savo cc duomenus....

 

Visų pirma siūlau kalbėti normaliai.

Antra - kada Graf_chocolo pradėjo tyrti reikalą kaip atstatyti OtherOS palaikymą, keli hakeriai pamatė kad SONY siūnčia visus duomenys neapsaugotai (saugo juos tiesiog paprastame tekstiniame formate). Hakeriai perspėjo visus forumų bei hack svetainių vartotojus kad dėl tokios apsaugos mums geriau pašalinti savo išsaugotus duomenys iš PSN sistemos. Tas perspejimas buvo kažkur sausio mėnėsį ar net ankščiau man atrodo.

Informacija apie creditines bei debetines korteles (numeriai, apsaugos kodas - VISKAS buvo laikoma be jokios apsaugos. Grynas tekstas) CVV apsaugos kodas laikomas atskirai bet irgi be encryption.

Duomenys galima pašalinti, prisijungus prie savo profilio SONY website. Iš PSN tiesiog iš SONY konsolės man atrodo irgi galima, bet nesu tikras.

Kai tik sužinojau kad ankščiau ar veliau tai tikrai bus taikinys atakai kokio nors pamišelio - iškarto pašalinau visas duomenys.

Tuo labiau kad jau planuodavau instaliuoti CFW kadangi PSN man nereikalingas.

Millions of gamers and PS3 owners have been without PSN service for over a week now. As of today May 1st they held a press conference that started at 1 am EST and the topic of that conference was the much anticipate return of the PSN. Among the things detailed in this conference tonight was what the loyal PSN users would get in compensation for going with their online gaming.

So what is my compensation for PSN downtime? For starters all PSN members will get a free month of PSN+ (current PSN+ members will get an extra month of service for free) and they will also be giving out “selected PlayStation entertainment content” for free downloads. More details to come at a later point this month. Current Music Unlimited subscribers will also be getting a free month of service.

The PlayStation network should be making a partial return next week, with it being fully restored sometime by the end of the month. A firmware update will of course greet you when the network comes back online. And of course you can expect that Sony did a complete revamp of their security so your data should now be “safe”.

Some other points of interest are:

* They stated again that they don’t believe any CC numbers were taken but they said you should keep an eye on your credit card statements.

* They will be working with the FBI to conduct a full criminal investigation

* Out of 77 million users, about 10 million had active credit cards (ONLY 10 million?) - Mano manymų todėl 10 millionų tik nes protingieji pašalino visus savo duomenys kai tik sužinojo kaip Sony juos laiko neapsaugotai. Aš irgi tai padariau

Still no explanation on what happen and no apologies for not securing your data properly. Do you think Sony is doing enough with what they have promised?

SOME PLAYSTATION®NETWORK AND QRIOCITY™ SERVICES TO BE AVAILABLE THIS WEEK
    Phased Global Rollout of Services to Begin Regionally;
    System Security Enhanced to Provide Greater Protection of Personal Information

    Tokyo, May 1, 2011 – Sony Computer Entertainment (SCE) and Sony Network Entertainment International (SNEI, the company) announced they will shortly begin a phased restoration by region of PlayStation®Network and Qriocity™ services, beginning with gaming, music and video services to be turned on. The company also announced both a series of immediate steps to enhance security across the network and a new customer appreciation program to thank its customers for their patience and loyalty.

    Following a criminal cyber-attack on the company’s data-center located in San Diego, California, U.S.A., SNEI quickly turned off the PlayStation Network and Qriocity services, engaged multiple expert information security firms over the course of several days and conducted an extensive audit of the system. Since then, the company has implemented a variety of new security measures to provide greater protection of personal information. SNEI and its third-party experts have conducted extensive tests to verify the security strength of the PlayStation Network and Qriocity services. With these measures in place, SCE and SNEI plan to start a phased rollout by region of the services shortly. The initial phase of the rollout will include, but is not limited to, the following:

        * Restoration of Online game-play across the PlayStation®3 (PS3) and PSP® (PlayStation®Portable) systems-This includes titles requiring online verification and downloaded games
        * Access to Music Unlimited powered by Qriocity for PS3/PSP for existing subscribers
        * Access to account management and password reset
        * Access to download un-expired Movie Rentals on PS3, PSP and MediaGo
        * PlayStation®Home
        * Friends List
        * Chat Functionality

    Working closely with several outside security firms, the company has implemented significant security measures to further detect unauthorized activity and provide consumers with greater protection of their personal information. The company is also creating the position of Chief Information Security Officer, directly reporting to Shinji Hasejima, Chief Information Officer of Sony Corporation, to add a new position of expertise in and accountability for customer data protection and supplement existing information security personnel. The new security measures implemented include, but are not limited to, the following:

        * Added automated software monitoring and configuration management to help defend against new attacks
        * Enhanced levels of data protection and encryption
        * Enhanced ability to detect software intrusions within the network, unauthorized access and unusual activity patterns
        * Implementation of additional firewalls

    The company also expedited an already planned move of the system to a new data center in a different location that has been under construction and development for several months. In addition, PS3 will have a forced system software update that will require all registered PlayStation Network users to change their account passwords before being able to sign into the service. As an added layer of security, that password can only be changed on the same PS3 in which that account was activated, or through validated email confirmation, a critical step to help further protect customer data.

    The company is conducting a thorough and on-going investigation and working with law enforcement to track down and prosecute those responsible for the illegal intrusion.

    “This criminal act against our network had a significant impact not only on our consumers, but our entire industry. These illegal attacks obviously highlight the widespread problem with cyber-security. We take the security of our consumers’ information very seriously and are committed to helping our consumers protect their personal data. In addition, the organization has worked around the clock to bring these services back online, and are doing so only after we had verified increased levels of security across our networks,” said Kazuo Hirai, Executive Deputy President, Sony Corporation. “Our global audience of PlayStation Network and Qriocity consumers was disrupted. We have learned lessons along the way about the valued relationship with our consumers, and to that end, we will be launching a customer appreciation program for registered consumers as a way of expressing our gratitude for their loyalty during this network downtime, as we work even harder to restore and regain their trust in us and our services.”

    Complimentary Offering and “Welcome Back” Appreciation Program
    While there is no evidence at this time that credit card data was taken, the company is committed to helping its customers protect their personal data and will provide a complimentary offering to assist users in enrolling in identity theft protection services and/or similar programs. The implementation will be at a local level and further details will be made available shortly in each region.

    The company will also rollout the PlayStation Network and Qriocity “Welcome Back” program, to be offered worldwide, which will be tailored to specific markets to provide our consumers with a selection of service options and premium content as an expression of the company’s appreciation for their patience, support and continued loyalty.

    Central components of the “Welcome Back” program will include:

        * Each territory will be offering selected PlayStation entertainment content for free download. Specific details of this content will be announced in each region soon.
        * All existing PlayStation Network customers will be provided with 30 days free membership in the PlayStation Plus premium service. Current members of PlayStation Plus will receive 30 days free service.
        * Music Unlimited powered by Qriocity subscribers (in countries where the service is available) will receive 30 days free service.

    Additional “Welcome Back” entertainment and service offerings will be rolled out over the coming weeks as the company returns the PlayStation Network and Qriocity services to the quality standard users have grown to enjoy and strive to exceed those exceptions.

    SNEI will continue to reinforce and verify security for transactions before resuming the PlayStation®Store and other Qriocity operations, scheduled for this month.

US State House Of Representatives Wants Answers From Sony

It has been almost two weeks since we have had PSN, whilst Sony gave us some answers, they didn’t give much away and the weren’t completely honest either, the FBI is investigating, senators asking for answers and now a United States House Of Representatives Sub Committee has sen a list of questions to the Chairman of SCEA, Kazuo Hirai:

Rumor: PSN Database containing 2.2 Million Credit Cards Numbers for Sale

http-~~-//www.youtube.com/watch?v=Cwn4R_GexLM&feature=player_embedded

Rumors are also that a very big part of the German database is stolen, which makes some people point to Graf because he is also German. Personally I think Graf has problems enough already and has nothing to with it, but maybe someone wants to make some money to pay for the “criminal” 1.000.000 euro claim

Kevin Stevens, Security Researcher tweets that this indeed is NOT a rumor and it IS for sale (but nothing to confirm if database is legitimate or not).

Discussion about #psnhack and possible speculation about the hackers being from Europe Logs – efnet – #ps3dev – 2011-04-26

trixter, people I know had a shell on the psn servers

did you know that sony didn’t disable the function that sets the psn server under maintenance ?

The hackers that hacked PSN are selling off the DB. They reportedly have 2.2 million credits cards with CVVs #psnhack

Sony was supposedly offered a chance to buy the DB back but didn’t #psnhack

@mikkohypponen That is what is going around on some underground forums. The DB contains pretty much everything

@the_pc_doc That is what I thought but the guys selling it say that they have CVV2 numbers

@RiquezJP Well not properly securing your server breaks compliance as far as I know.

@RangerRick Yeah, this information about the CVV2 numbers could be bogus. The guys selling the DB could just be making it up.

Supposedly the hackers selling the DB says it has: fname, lnam, address, zip, country, phone, email, password, dob, ccnum, CVV2, exp date

No, I have not seen the DB so I can not verify that it is true

Here are some interesting screenshots of the so called “underground” forums and snippets of convo taking place.

Neblogas paveikslėlis

SCEA/SCEI Being Sued By PSN User Due To PSN Being Hacked

When Sony Computer Entertainment, removed the OtherOS function, we posted about the various court cases, well now we have PSN that has been down and out of action, due to a massive security breach.

We have the first court case taken against SCEA/SCEI for negligent data security, violations of consumers’ rights of privacy failure to protect those rights, and failure and on-going refusal to timely inform consumers of unauthorized third party access to their credit card account and other nonpublic and private financial information.

Here is a quote from the court document:

KRISTOPHER JOHNS, on Behalf of Himself and for the Benefit of All with the Common or General Interest, Any Persons Injured, and All Others Similarly Situated,

vs.

SONY COMPUTER ENTERTAINMENT AMERICA LLC, a Delaware Limited Liability Company; SONY NETWORK ENTERTAINMENT INTERNATIONAL LLC, a Delaware Limited Liability Company,

Plaintiff KRISTOPHER JOHNS (“JOHNS” or “Plaintiff,”) brings this action against SONY COMPUTER ENTERTAINMENT AMERICA LLC (“SCEA”) and SONY NETWORK ENTERTAINMENT INTERNATIONAL LLC (“SNEI”) (collectively, “SONY” or “Defendant”), on behalf of himself, all others similarly situated and the general public, and alleges upon information and belief, except as to his own actions, the investigation of his counsel, which included, inter alia, review and analysis of Defendant’s press releases, Defendant’s websites, web forums, and various news articles, as follows:

OVERVIEW

1. This action is brought on behalf of plaintiff individually, as representative of the common or general interest and as class representatives for all others similarly situated nationwide against SONY to redress defendant’s breach of warranty, negligent data security, violations of consumers’ rights of privacy, failure to protect those rights, and failure and on-going refusal to timely inform consumers of unauthorized third party access to their credit card account and other nonpublic and private financial information.

Parsisiųsti pilną dokumentą

PSN and Credit Card Information was Potentially Stolen in Early February

I dont know how to say this in a nice way, but a few of you may remember me complaining about my credit card info being used fraudulently back in February of this year.

The fraudulent charge on my credit card got me looking into logs I found on my router that appeared to be the PSN scanning my home network, to which I ended up making this tweet.

Originally Posted by madshaun1984 via twitter

On Wednesday 23rd February 2011, @madshaun1984 said:

@sony @Mathieulh be warned the fraudsters have started!!! (someone made an online transaction on a cc that was last used on psn (a year or so ago) fraudulently today! but the card was destroyed shortly after my last real transaction),

offending IP, are being traced by my ISP, and the one that worries me Source:65.197.244.172,3478 which resolves to

[DNS] Canonical: a65.197.244.172.deploy.akamaitechnologies.com Numerical: 65.197.244.172 (aka psn)

My ISP has comfirmed the request originated from ^ IP, but will pass further details to the team investigating the fraud at my bank.

Once again, my details have not been connected with my account for over a year, and the fraud took place today, even though the account in question has only ever been used on the psn (once last year!!!).

It appears sony are lying and that details are held for far longer than when you delete the info from your ps3, and that the info is readily obtainable by the hackers/script kiddies sthat know how!. (phoned sony less than half hour ago to report the incident and was told that the details arent kept (clearly they are).

Unfortunatly in as a result of this incident, it now clear to me that sony really arent encrypting any data, and once the incident has been dealt with by my bank, depending on the outcome, I may persue further charges against sony.

Deleting your account info/card details clearly doesnt work to stop this from happening, so I can only advise you keep an eye closely on your bank statements (for cards/accounts that have been used on the psn). and look for small amounts that you havent made. (in my case £1.74 to a travel agent (likely a fraudulent site set up just as a front to hide the fraudsters real intentions). I was lucky and my bank phoned me as they were aware I had not used my account for quite some time, and they felt something wasnt right.

In the interest of security, I advise anyone on efnet #ps3dev (or other chans) to definatly check your accounts for today, as all the other offending IP’s originated from there, which gets my spider senses tingling that a spy/fraudster is among you!

My router log is as follows, with my IP removed (it has been changed since pasted, but my IP is xx’d out.

This is not coincidence at play, as there is no other possible way for my details to of been obtained, as all info is securely disposed off at my end (and in actual fact stored inside my property till it can be disposed off safely and securely). I have not lost the card, (it is still shredded in my drawer (and will remain there till the account in question is closed).

@BBCWatchdog, I think you have a case to investigate here!!!

Log’s that enabled me to figure all of this out are here http://www.pastie.org/1599044

@sony shame on you!! getting ****y gets you exposed, security like this should never be overlooked, and nothings unhackable!!

Source

As no one knows when the intrusion on Sony’s network took place exactly, or what info was stolen, I thought I would make this post, to alert users of the PSN, that even though it appears the breach was only found recently, it could of been several breaches over a much longer period of time.

My advise to all users who have used bank or credit cards with the PSN, is to check back for at least 4 months, and look for small charges that you weren’t aware of. If you find any charges, report them to your bank immediately, and ask for a new card to be sent out and for a watch to be put on your account for any other suspicious transaction that may take place in future months. It also is not a bad idea to get your credit cards linked to PSN to be cancelled/changed as well and for future PSN purchases you should use PSN cards.

You may also want to read this post for more info on how bad the security is on the PSN, and for more info on how long this has been known..

Call of Privacy: Modern Spyware By PlayStation Network

Sony: It’s not our fault

Yesterday it was announced officially by Sony that some darn hacker(s) may or may not have managed to creep in their system and run away with 77 MILLION peoples account details including passwords & credit card details. This has caused a massive poop-storm with sceners and fanboys alike calling for answers but mainly for Sony’s head on a pike.

Well just as you think it couldn’t get any worse for Sony, it has been rumored that Sony may be trying to get out of being held responsible for this total blunder using their own PSN T&C as a escape clause HOWEVER the “ICO” (A UK Information Rights Body) has decreed that if the user-data was held on servers within the UK then Sony may face a £500,000 fine to add to the bill.

To quote from MCVUK News:

It has emerged that part of Sony’s PSN terms and conditions claim that the company is not liable for any loss of user data!

“We exclude all liability for loss of data or unauthorised access to your data, Sony Online Network account or Sony Online Network wallet and for damage caused to your software or hardware as a result of using or accessing Sony Online Network,” the terms state.

However, speaking to Edge, the Information Commissioners Office (ICO) claims that Sony is accountable to stipulations outlined in the UK Data Protection Act which says that companies are obligated to keep users’ details secure.

“While we are unable to say where the data is being stored at present, if it was in the UK, this clause would not free them from their obligations under the UK Data Protection Act,” ICO stated.

“If we found a breach, one of the actions we could take would be to issue an undertaking, which is an agreement between the ICO and the company that if they are handling personal information they have to bring about set improvements in order for them to be compliant with the act.

“If the company is not compliant with the act within a certain time limit, further action would be taken and we might consider an enforcement notice or issue a monetary penalty.

“For serious breaches of the act, we can issue a monetary penalty up to £500,000.”

Taigi kas nepašalino kreditinės kortelės duomenų iš PSN - FUCK** . O SONY nekalti. Va tokia kompanija. Ir galite ginti ją kiek norite kad ji visas duomenys varė net neapsagotai. Ir nulaužymas konsolės čia išvis neprie ko net.

Butent ir kai kurie komentarai Plauytation bloge yra juokingi. Atseit hakeriai nepatenkinti tuom, jog Sony neleidzia zaisti online su PIRATINEMIS kopijomis, todel ir nulauze PSN. Persasi i galva naujas klausimas, ta pacia likme: kuri kompanija leidzia zaisti (tiksliau imanoma) online su piratinemis kopijomis? Manau tai dar vienas argumentas.

 

Kas tau tokią nesamonę pasakė?

Important PSN Update – Your Personal Information Has been Compromised

SCEA and SCEE have updated their blogs, with quite a lot of information, in this information, they admit that they believe that your personal information, home address, phone number, D.O.B etc have been compromised and accessed by an unauthorised person/persons, they give advice on how to prevent identity fraud, here are quotes from both blogs:

EU PS Blog

Thank you for your patience while we work to resolve the current outage of PlayStation Network & Qriocity services. We don’t have an exact date to share at this moment as to when we will have the services turned on, but are working day and night to ensure it is as quickly as possible. We are currently working to send the following message via email to all of our registered account holders regarding a compromise of personal information as a result of this malicious attack on our servers, so please look for this information via email as well. Please note that we are as upset as you are regarding this attack and are going to proceed aggressively to track down those that are responsible.

Valued PlayStation Network/Qriocity Customer,

We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:

1) Temporarily turned off PlayStation Network and Qriocity services;

2) Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and

3) Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity passwords and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence that credit card data was taken at this time, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may also have been obtained.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security, tax identification or similar number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your account statements and to monitor your credit or similar types of reports.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please check www.eu.playstation.com/psnoutage should you have any additional questions.

Sincerely,

Sony Network Entertainment and Sony Computer Entertainment Teams

Sony Network Entertainment Europe Limited (formerly known as PlayStation Network Europe Limited) is a subsidiary of Sony Computer Entertainment Europe Limited the data controller for PlayStation Network/Qriocity personal data.

Follow us on Twitter @PlayStationEU for live updates and read the FAQ at eu.playstation.com/psnoutage for further information.

Thank you for your patience.

US PS Blog:

Thank you for your patience while we work to resolve the current outage of PlayStation Network & Qriocity services. We are currently working to send a similar message to the one below via email to all of our registered account holders regarding a compromise of personal information as a result of an illegal intrusion on our systems. These malicious actions have also had an impact on your ability to enjoy the services provided by PlayStation Network and Qriocity including online gaming and online access to music, movies, sports and TV shows. We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week.

We’re working day and night to ensure it is done as quickly as possible. We appreciate your patience and feedback.

Valued PlayStation Network/Qriocity Customer:

We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:

1. Temporarily turned off PlayStation Network and Qriocity services;

2. Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and

3. Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:

U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.

We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.

Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013

Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241

TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions.

Sincerely,

Sony Computer Entertainment and Sony Network Entertainment

*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*--*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-

PSN Hack Information By SKFU

The PSN is down, all accounts got dumped by an anonymous hacker and the community is cryin’ for answers. 77 million accounts with password and sometimes CC info are worth a lot in several hack chans. This is a very huge case.

Now SONY engaged an external security company to discover the holes in SONY’s system and find answers. As I was wondering if there may be some information about the actual case we can find out publically, I researched a bit myself.

One interesting point I found is a not secured access log of a PSN environment(Check Image Below).

You will quickly notice the IP 214.1.211.251, which sends requests like a vulnerability scanner.

The IP points to the DoD Network Information Center, based in Ohio USA.

The first log entry of this IP is [03/Mar/2011:07:10:38 -0800]. As the DoD is knows as beeing easy to hack, the anonymous hacker could have used this as proxy.

Maybe SONY might want to take a look at this IP, I hope soon we get some news and details about the case…

Well it looks like the PSN has been “suspended” by sony. As we all know the PSN has been out for a long while due to it being “hacked by an external source”. Sony want to right this wrong and completely remake and rebuild the PSN or Play Station Network from scratch. That’s right Sony are now taking measures and actions to secure their network to the highest level to avoid it getting “hacked” or otherwise.

To quote:

Originally Posted by Patrick Seybold // Sr. Director, Corporate Communications & Social Mediapsn/qriocity services

We sincerely regret that PlayStation Network and Qriocity services have been suspended, and we are working around the clock to bring them both back online. Our efforts to resolve this matter involve re-building our system to further strengthen our network infrastructure. Though this task is time-consuming, we decided it was worth the time necessary to provide the system with additional security.

We thank you for your patience to date and ask for a little more while we move towards completion of this project. We will continue to give you updates as they become available.

It looks like Sony don’t want any more intrusions or outsiders on their network, and it will be gone for a very long due to these updates.

Update

Sony have updated their PS Blog, this is what it says:

We sincerely regret that PlayStation Network and Qriocity services have been suspended, and we are working around the clock to bring them both back online. Our efforts to resolve this matter involve re-building our system to further strengthen our network infrastructure. Though this task is time-consuming, we decided it was worth the time necessary to provide the system with additional security.

We thank you for your patience to date and ask for a little more while we move towards completion of this project. We will continue to give you updates as they become available.

Sony has finally admitted why PSN has been down for days, and it is what everyone has been assuming. A group or possibly even a single hacker brought down the giant. Down time for PSN was reported to be “1 to 2 full days”, but after this update it is certain that is not the case, here is a quote from the PS Blogs:

An external intrusion on our system has affected our PlayStation Network and Qriocity services. In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services on the evening of Wednesday, April 20th. Providing quality entertainment services to our customers and partners is our utmost priority. We are doing all we can to resolve this situation quickly, and we once again thank you for your patience. We will continue to update you promptly as we have additional information to share.

Source

Many have thought hackers from within “Anonymous” have been behind this. An official post from Anonymous’s website reports that “For Once We Didn’t Do It”. If thats the case, who is and are they “brave” enough to come forward, here is a quote from them:

For Once We Didn’t Do It

Sony’s Playstation Network, its online service for Playstation 3 and its Playstation Portable consoles, suffered from a major outage today; which is on going as of this writting. According to Son’ys blog, the interruption in service may last into the long weekend – for at least another “full day or two”. Sony released a statement through its EU blog, saying that the network outage may be a result of “targeted behaviour by an outside party”, brining in the possibility of cyberattacks. Adding to the confusion is the fact that the message has since been removed.

While it could be the case that other Anons have acted by themselves AnonOps wa not related to this incident and takes no responsiblity for it. A more likely explination is that Sony is taking advantage of Anonymous’ previous ill-will towards the company to distract users from the fact the outage is accutally an internal problem with the companies servers.

TL:DR

Sony is incompetent.

For several hours now, PS3 users from all parts of the world, have been unable to access the Playstation Network(PSN), the error code 80710A06 pops up

The official US Playstation site has an error code checker and this is what they state the code means:

According to PSX Scene, ‘spint’ and ‘prod-qa’ are also non functioning, so is this the work of Anonymous or is Sony fixing PSN once and for all ?

Source PSX Scene

Official statement via US PS Blog.

We’re aware certain functions of PlayStation Network are down. We will report back here as soon as we can with more information.

Thank you for your patience.

Official statement via EU PS Blog.

As you are no doubt aware, the current emergency outage is continuing this afternoon and all Sony Online Network services remain unavailable. Our support teams are investigating the cause of the problem, including the possibility of targeted behaviour by an outside party. If the reported Network problems are indeed caused by such acts, we would like to once again thank our customers who have borne the brunt of the attack through interrupted service.

Our engineers are continuing to work to restore and maintain the services, and we appreciate our customers’ continued support. For further information, please refer to updates on PlayStation.com, here on PlayStation.Blog and via our @PlayStationEU twitter feed.

ANONYMOUS SAID BEFORE AND SAYS AGAIN: "WE DO NOT TARGET PSN SERVERS."

Update

Via EU PS Blog

While we are investigating the cause of the Network outage, we wanted to alert you that it may be a full day or two before we’re able to get the service completely back up and running. Thank you very much for your patience while we work to resolve this matter. Please stay tuned to this space for more details, and we’ll update you again as soon as we can.

For further information, please refer to updates on PlayStation.com our @PlayStationEU twitter feed.

Update 2

Via us.playstation.com (Thanks to facanferff for the tip via Twitter)

PlayStation Network Service Outage 4/21/2011 (21/4/2011 for non Americans)

We’re aware certain functions of PlayStation Network are down. It may be a full day or two before we’re able to get the service completely back up and running. Please stay tuned to this space for more details, and we’ll update you again as soon as we can.

Thank you very much for your patience while we work to resolve this matter.

During this time you may:

Not be able to access the PlayStation®Store

Have difficulty signing in to the PlayStation®Network

Not be able to play online games

See a maintenance page when attempting to access the PlayStation®Network

Note: When you log into the PlayStation Network, a message may appear which states, “the PlayStation Network has been suspended”. This does not mean that your account has been suspended; it simply means the PlayStation Network has been taken offline. Please wait until the maintenance window has passed before attempting to connect to the PlayStation Network again. We apologize for any inconvenience this may cause.

If everyone can remember, Sony were in the process of suing a company named “Zoomba” who were supposedly responsible for the original Jailbreak Dongle, well after 6 months of nothing. The Giant Crab has filed new papers to the court according to psx-scene.

SCEA is submitting its own statement since none of the defendants have appeared in this action.

The Court has entered a Preliminary Injunction. Since that time, counsel for SCEA has conducted extensive third party discovery and has been engaged in settlement discussions with certain of the defendants. Thus far, defendants Tom Nooker, individually and doing business as buyps3jailbreak and Thanh Nguyen, individually and doing business as USATechCity, Ltd. have entered into settlement agreements with

SCEA and have agreed to entry of consent judgments and permanent injunctions. SCEA will be filing those documents with the Court shortly. SCEA is currently awaiting responses from the other defendants regarding settlement.

IT IS FURTHER ORDERED AND ADJUDGED that in the event that Defendant violates this Judgment or assists others to do so, Defendant shall pay to SCEA $5,000 as liquidated damages per violation of this Judgment no later than forty-five (45) days from the date on which SCEA notifies Defendant of the violation. Such liquidated damages shall be an optional alternative to demonstrating actual damages. This optional alternative may be elected in SCEA’s sole discretion. Both liquidated damages and actual damages are supplemental to obtaining equitable relief to which SCEA may be entitled as a result of Defendant’s violation.

IT IS FURTHER ORDERED AND ADJUDGED that this Court shall retain jurisdiction for the purpose of making any further orders necessary or proper for the construction or modification of this Judgment or the Settlement Agreement and Release, the enforcement thereof, or the punishment of any violations thereof.

A few days ago, we posted here that representatives for Sony visited graf_chokolo’s home, this morning graf updated his blog to state that he has been forced to remove all PS3 related technical items from his blog, or face six months in prison, here is a quote from his blog:

graf_chokolo says:

April 18, 2011 at 9:19 am

SONY forced us to remove all PS3 technical stuff from this blog guys. I wonder how did they manage to “convince” the judge to allow it. Our law system is practically “eating” from hands of SONY, very sad. Many guys are making money with USB dongles for PS3 and i’m not allowed to put MY PS3 into service mode, it’s hilarious.

graf_chokolo says:

April 18, 2011 at 9:29 am

They claim that my OtherOS project supports piracy. I never had anything to do with piracy. Everyone knows it, make it clear to those judges who gave SONY those TROs against me. It would be interesting to know what kind of person those judges are and what they look like.

graf_chokolo says:

April 18, 2011 at 10:22 am

Guys, i’m a tough guy and won’t give up without a fight. I’m ready to stake my life. So, you support me with money for LEGAL FIGHT and i stake my life.

Visi žaidimai, reikalaujantys 3,60 FW - nebus paleidžiami iki tol, kol nebus gauti SIGNED raktai.

Kolkas vienintelis žaidimas, kuris reikalauja 3,60 - Portal 2

P.S. - man asmeniškai nieko nera geriau už Rogero Manager

CFW - Waninkoko CFW v.2 (3,55)

Jokių problemų su žaidimais - dar nebuvo tokio, kurį negalėčiau paleisti.