From the initially seen as just an "outage" on the PSN, it's now exploding to more and more incidents everyday! A little less than a week ago, Sony said that there was an external intrusion, that caused the outage. Yesterday, they reported that personal information "might" have been stolen. What is it for today? The incident finally exploded to lawsuits & frauds.
Today there's been reports of Credit Card Fraud by PSN Victims. There's also a lawsuit against Sony by Kristopher Johns.
Credit Card Fraud
Sony leaked 77 million accounts. There's bound to be quite a number of Credit Card users there that used their cards for PSN! A lot of reports of credit card fraud are being reported as the result of the Sony breach:
“My American Express card was compromised over the weekend. This card sits in a drawer in my house for emergencies, but I did use it once on my PSP for an account.
Luckily American Express is very good at notifying me immediately after the first fraudulent purchase.”
“About two or three days ago, my bank notified me that I had gotten my own [credit card information] stolen, the one I use for my PSN account, and with it a ticket was purchased through a German airline for nearly $600.
They are still looking into the fraud charge meaning that right now I have a negative $500 in my account, with no good chance that I’ll be getting that back any time soon.”
“I also had an attempted fraudulent charge on my American Express card, about $8,000 going to some Japanese store. This all happened about when PSN started having trouble, so I’m betting this had something to do with it.
My advice: if you have your credit card info on PSN, watch your accounts like a hawk. I’m buying pre-paid cards from now on; you know, if I decide to ever spend money on PSN again.”
“I logged into my bank account just to check everything was OK and I found out there was some just over $2,000 in charges which I didn’t personally accrue.
There was a number of early transactions on the 23rd of amounts under $1, which they say is the usual kind of test run that fraudsters do and then there’s been a number of transactions of larger amounts, including domestic flights within Australia, bookings at Best Westerns [hotels] and what not.”
According to Sony:
Q: Was my personal data encrypted?
A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.
Q: Was my credit card data taken?
A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system.
Q: What steps should I take at this point to help protect my personal data?
A: For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well. To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports.
Q: What if I don’t know which credit card I’ve got attached to my PlayStation Network account?
A: If you’ve added funds to your PlayStation Network wallet in the past, you should have received a confirmation email from “DoNotReply@ac.playstation.net” at the email address associated with your account. This email would have been sent to you immediately after you added the funds, and will contain the first 4 digits and last 4 digits of your credit card number. You can also check your previous credit card statements to determine which card was attached to your PlayStation Network or Qriocity accounts.
There's still no news whatsoever at the moment whether the frauds are actually connected to the PSN Incident or not, and whether Sony will make amends to the victims.
The Lawsuit
The suit was filed today on behalf of Kristopher Johns, 36, of Birmingham, Ala., in the U.S. District Court for the Northern District of California. Johns accuses Sony of not taking "reasonable care to protect, encrypt, and secure the private and sensitive data of its users."
He also believes Sony took too long to notify him and other customers that their personal information had been exposed. Because of that, the complaint alleges, Sony did not allow its customers "to make an informed decision as to whether to change credit card numbers, close the exposed accounts, check their credit reports, or take other mitigating actions."
The lawsuit is asking for monetary compensation and free credit card monitoring, and is seeking class action status.
Truly, this seems like it's nearing doomsday for PSN, but who knows? Will Sony be able to get up, and save themselves yet again?
They've managed to save PS3 from the bad start, with the bad games, very expensive price, and Blu-ray was not widely known at the time. But look at it now, over time, however, some great games, a price drop, fantastic marketing and smart PR enabled PS3 to gain tremendous momentum.
Hopefully, they'll be able to save themselves from this disaster, just like they saved the PS3 before. Though in my opinion, this time, the disaster is way too large of a scale to be able to make a great comeback. Sure, Sony will finish the lawsuit & tie up the loose ends, but what matters is that people has already started to lose trust on Sony. And losing trust from Customers? Very very bad thing.
Source :
Cnet
Credit Card Source
Business Insider
Playstation Blog
No comments:
Post a Comment