Apparently, the hacking case of the PSN that made Sony turned the service off wasn't so easy to finish! Just today, Playstation Blog announced that the hacker got away with personal information of the users.
SCEA spokesperson Patrick Seybold explained the situation to Kotaku: "There's a difference in timing between when we identified there was an intrusion and when we learned of consumers' data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down."
"We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident. It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday [Monday, April 25] to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon."
Moreover, the political force is now getting involved! Connecticut Senator Richard Blumenthal, who is a former Attorney General, took the time to scold Sony in a letter to SCEA CEO Jack Tretton. He publicly questioned today Sony's failure to "immediately notify affected customers of the breach and to extend adequate financial data security protections."
The Letter
The latest news from Sony said that it may be another week or so before anything is back online, and even then it would only be for "some services."
Sony's really in the rough this time, PSN Users are extremely angry because the information that users' personal data are taken came more than a week after the intrusion. A couple of examples on Industry Gamers
According to Kotaku though, there have been no arrests in regard to the outage.
The FAQ's on the PSN Outage:
Kotaku's FAQ
I can't remember, did I need to use a credit card to create a Playstation Network account?
No, that's only required if you added funds to your wallet to purchase content on your PS3 like a game, add-on or movie.
What if I can't remember if I used a credit card?
Try searching through your emails for anything from DoNotReply@ac.playstation.net.
What if I did use a credit card on the Playstation Network?
While Sony says they have no evidence credit card numbers were stolen, they also say they're not sure they weren't. Now might be a good time to cancel your current card and get a replacement.
What if I didn't use a credit card on my account. Am I safe?
Yes and no. Your credit card info is safe, but your personal information may be out there in the wrong hands. It might be a good idea to keep an eye out for phishing scams, watch your credit report and make sure you change your passwords if you re-used them in multiple places.
What information was taken from Sony?
Sony has confirmed that account information has been compromised, including name, address, and login information for the PlayStation Network and the Qriocity music service.
So how do I check my credit?
U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228. You can also check the three bureaus individually:
Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
When will the Playstation Network be back up?
As of April 26, Sony is expecting the PlayStation Network to be back up "within a week."
How long has PSN been down?
The system went down last Wednesday, April 20th. (That's seven days if you're keeping score.)
Can I play games without going online, either by myself or with a friend locally?
Absolutely. Almost every PS3 game, whether it's played via disc or download, will work so long as you're using a mode that doesn't require PSN access. (That's internet multiplayer, mostly.) There is a small exception to this, which I'll explain a little later.
What about using a LAN?
Sure, a setting up a little LAN party would be a great alternative. The only problem is that the selection of LAN-capable PS3 games is pretty limited.
Is Anonymous responsible?
Probably not. The group has publicly denied their involvement, and there has been no definitive proof to say otherwise.
So why are they being arrested?
They aren't. The rumor is based on an old press release from January.
Some games use digital rights management to prevent piracy. Will that affect my ability to play?
As of now, the only games that we know to be affected are a pair of Capcom downloadable games, Bionic Commando Rearmed 2 and the Final Fight/Magic Sword game pack.
So I can't play any games online or use PSN. Can I still use non-game PSN apps like Netflix, Hulu Plus, etc?
Netflix works on and off if you're persistent enough. The others not at all.
What about features like the browser, which use the internet, but aren't connected to PSN?
Users have reported via forums that the PS3 browser still works.
Can I still get system updates?
The system update feature is not connected to PSN and is therefore functional. (Ever notice that you have to sign out of PSN to download an update?) Users can still also download system updates via the Playstation website.
Is there a chance my trophies could get wiped?
Trophies will not update as long as PSN is down, but since most of them are not internet-based, it's likely (but not definite) that the trophies that you earn during the shutdown will be added to your account when it updates once PSN is back online. If you were to delete your account or if your console were to crash, however, you would definitely lose any trophies earned while PSN is down. Currently, it is not possible to check trophies via the Playstation website.
Will I lose my saved game data?
Not likely, your saved game data is stored on your hard drive, and therefore should not be affected by the outage.
Am I more likely to lose my data if I've been using the cloud storage feature of
Playstation Plus?
No. While you definitely aren't able to update any data you've saved in the cloud, the cloud data is technically a copy of whatever was saved from your machine, so even if the back-up data was lost your save would still be in tact on the machine where it was originally recorded.
Wait I have some questions you didn't or can't answer. Can I ask Sony directly?
Yes, Sony says you should contact them if you have any additional questions at: 1-800-345-7669.
Sony's FAQ
- When did the PSN/Qriocity become unavailable?
PSN/Qriocity services have not been available since April 20 (US time) in all regions.- Why did the PSN/Qriocity become unavailable?
An external intrusion on our system has affected our PlayStation Network and Qriocity services.- Why was Sony not prepared for a compromise of its network?
We are currently conducting a thorough investigation of the situation. Since this is an overall security related issue, we cannot comment further at this time.- Is the attack by “Anonymous” or another party?
We are currently conducting a thorough investigation of the situation. Since this is an overall security related issue, we cannot comment further at this time.- Why is it taking so long to restore network services?
As soon as we learned of this issue, we temporarily turned off PlayStation Network and Qriocity services in order to conduct a thorough investigation and to verify the smooth and secure operation of our network services. Our efforts to resolve this matter involve re-building our system to further strengthen our network infrastructure. Though this task is time-consuming, we decided it was worth the time necessary to provide the system with additional security.- How serious is this compromise? How will Sony prevent this from happening again?
Because there is an on-going investigation we cannot comment further at this time, but we are working to restore and maintain and strengthen the services, including incorporating additional countermeasures to ward against future intrusions.- When will service be restored?
We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week.
We will keep the service down to allow us to conduct a thorough investigation to ensure smooth operation of our network services when they return; we are working hard to resume the services as soon as we can be reasonably assured our security concerns have been addressed.- Did SOE experience an attack due to the same reason?
SOE’s services are currently available, but they did experience a service interruption due to an external attack. An investigation is ongoing.- Have you had such a long PSN/Qriocity service termination like this one in the past?
No.- Does PSN/Qriocity get attacked very often?
We cannot make any comments regarding this matter at this time.- I want my money back (subscription fee, content) since the PSN/Qriocity was not available.
While we are still assessing the impact of this incident, we recognize that this may have had financial impact on our loyal customers. We are currently reviewing options and will update you when the service is restored.- There seems to be some games that cannot be played even offline?
Some games may require access to PSN for trophy sync, security checks or other network functionality and therefore cannot be played offline.- Why are Sony Online Entertainment services available while PSN and Qriocity are still down and you (SCE/Sony) are not able to even tell us when it will come back again?
As our investigation in this matter is ongoing, we cannot comment further on this matter.- What personally identifying information do you suspect has been compromised?
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information provided by PlayStation Network/Qriocity account holders: name, address (city, state, zip), country, email address, birth date, PlayStation Network/Qriocity password, login, and handle/PSN online ID. Other profile data may also have been obtained, including purchase history and billing address (city, state, zip). If an account holder has authorized a sub-account for a dependent, the same data with respect to that dependent may have been obtained. If an account holder provided credit card data through PlayStation Network or Qriocity, it is possible that the credit card number (excluding security code) and expiration date may also have been obtained.- How will I know if my personal information has been compromised?
We have provided notices to consumers at the email addresses associated with their PlayStation Network/Qriocity accounts. You may also visit www.us.playstation.com/support and www.qriocity.com for notices regarding this issue. In addition, we have taken steps to disseminate information regarding this issue to media outlets so that consumers are informed. To protect against possible identity theft or other financial loss, we encourage you to remain vigilant to review your credit card account statements and to monitor your credit reports.- What steps have you taken to investigate this compromise?
We have engaged an outside, recognized security firm to investigate this incident and to assist us in our ongoing efforts to protect your personally identifiable information.- I got an email from you asking for my PSN/Qriocity sign-in ID and password. Is it really you asking for this information?
Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking.- What should I do to avoid having my personal information compromised?
For your security, we encourage you to be especially aware of email, telephone, postal mail or other scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. Additionally, if you use the same user name or password for your PlayStation Network or Qriocity service account for other- Why did Sony wait until now to tell PSN users that their personal information may have been compromised?
The nature of the intrusion required that we undertake an extensive and thorough investigation of the matter, which took considerable effort and time. We needed to make sure that we knew and understood the facts before providing the appropriate notice to PlayStation Network users.
Will Sony get up and rise from this severe case? Is the PSN saveable? How will Sony compromise with their users? Let's find out in a couple of weeks, and stay tuned!
No comments:
Post a Comment