The BBC’s technology correspondent, Rory Cellan-Jones, has been told ‘off the record’ by Sony that PSN users’ credit card details are ‘probably not compromised’. Sony are still investigating the full extent of the intrusion which is probably why they are erring on the side of caution and have yet to release an official statement regarding credit card information.
You can watch the clip via this link.
In related news, the BBC News At Ten has just featured Christopher Ingram from ICO who has said Sony have some “pretty serious questions to be answered’ and will be fully investigated.
As we’ve said before – be vigilant. Keep a close watch on your bank account and seriously consider taking out ID Theft protection.
Source: BBC
tottimanps3
check out this Q&A posted over at the playstation blog http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/
moshi
Now don’t you all feel a little silly for flying off the handle, off the record mind.
GTRsannin
Like i said earlier wouldn’t people have noticed it if their bank info was taken like their accounts been emptied its been a week already???
cnutard
Lets say only half of those 77 million accounts have their CC linked to their account… I’d like to see you, or for that matter anyone get through 38.5 million potential CCs in a week.
GTRsannin
Yeah but i haven’t seen any yet
InternationalGamer
Sooo… big sigh of relief?
marshaal5
put you full name and city where you live into google and within 10 seconds it will helpfully give you name address and postcode of where you live and also anyone else who might live at that address. also many people put this exact same info into social networking accounts so it really is not that hard to come by.
try it yourselves .
adevow
Exactly.A scandal overrules common sense every time though, unfortunately.
Thechunkymunky
So true. Did a search and got my mothers name up on 192.
Simply registering and buying credits would give me the full address.
On topic: Sony have already said probably not in the official statement. Still going to get a new card for safetys sake :)
Foxhound_Solid
Great News :-)
david
I contacted my bank yesterday about my CC etc…they told they were told by PSN on the 18th that they’re system was compromised and that they couldn’t be 100% sure if CC were acquired.
Since then, my bank has assured me that my details are safe and there is no need to cancel my cards, and if anything nefarious does happen they will immediately cover it.
I think all this backlash in hindsight now was unwarranted – still concerned about Id Fraud tho.
Kovacs
People saying ID theft is no big deal/all information about me is available online anyway make me want to punch myself in the crotch.
Armed with the complete set of personal data the hackers now have, they have can cause havoc on your life. They can order debit cards, they can drag your credit rating down, they can compromise other sites like eBay or PayPal if you used the same password (or a variation of your PSN password as it’s now a LOT easier to crack; how many people add a 1 at the end of a common password they use?) and take funds. And this could happen MONTHS from now. Saying “nothing wrong with my account right now” is incredibly naïve.
As respected journalist Ben kuchera has said, people who claim Sony are the real victim here and we shouldn’t be angry at them are part of the problem. I’m a huge Sony fan but I feel very disappointed in the company. My relationship with them in terms of trust and giving them my money has completely changed.
Hacks happen. It’s how you respond to them that matters. And this has been a debacle of the highest order.
KeRaSh
I’m really not that sure about the ID theft thing. It sounds very serious but I can’t imagine that it would be that easy. Surely a bank would check your ID when you ask for a debit card or something like that. Then the card would have to be intercepted at your mailbox.
I’m moving into my own place in a few weeks so my address will change and the info from the PSN will become obsolete but surely a bank doesn’t care if they send the card to my parent’s home or to my new one. What if someone goes to a bank where I’m unknown? They must do some further checks than just ask for my name, address and date of birth? I don’t think it’s THAT easy to get a debit card on someone elses name in Germany… Maybe I’m just naive…
tonycawley
Look into change of address fraud
Kovacs
With all due respect it sounds like you know very little about ID theft. Look into it, and be prepared to cringe at what hackers can now do with your details. It’s very, very scary.
KeRaSh
That was my whole point. I don’t know anything about it. I WANT to know. Hoped you would clear up a few points. :)
GTRsannin
Don’t they need your social security number to use your details to open credit card accounts and so on and here you need to have job to even get a CC and second thing so we should destroy the whole Sony corporation when some idiots hack in to their network riiight
willbuchanan
I think we should all stop attacking Sony for ‘making a hash of it’. Unless you can accurately say, with proof (eg years in the IT security industry) that you can or could do better. Which I’m willing to guarantee none of us could. I know I couldn’t. That dealt with, perhaps we can concentrate on positives? Like the nice weather we’ve had and the fact that none of us have been involved in some sort of hurricane/tsunami/insert national disaster of choice?
Kovacs
Cool, because I can guarantee you I could communicate clearer and quicker than Sony so I’ll continuing to voice my opinions on how badly they’ve handled this massive cock-up. Thanks!
willbuchanan
Really? Really really? You must be very misguided or someone should pay you lots to shore up every IT security system under the sun! You must be very clever – I wish I was as clever as you! Honestly, have some sense, you can’t prove that you could and no-ones interested in your over-inflated ego, I’m afraid…
Kovacs
It’s not a case of being very clever. It’s a matter of being open with your customers. It’s not egotistical to say you can do better than something that is poor.
Listen, Sony have admitted that PSN passwords were NOT encrypted. You don’t need to store passwords in plain text. I have over a decade of IT experience and you learn in the first year that you don’t need to store passwords in plain text. Look up hashing and checksums for password authentication. Your PSN password should have been encrypted. It wasn’t. That’s a big no-no in IT security.
KeRaSh
Called my bank and they said they haven’t heared anything from Sony yet. Usually they get informed if credit card details were stolen, so either Sony is pretty sure the info was safe or they are just taking a leap of faith in not informing the banks.
Cole2k11
Your Bank doesn’t need to be informed, if the people that work at your Bank watch the TV hear the News on the Radio or on the Internet (If they’ve heard of any of these) then they would’ve already been made aware….People will laugh at what you have just told the world.
KeRaSh
People will laugh about the things my bank told me? Why should I care?
Oh, and since I’m already talking to the whole world I want to say “Hi!” to my family and all of my friends.
KeRaSh
Just got an official statement from my bank that they were contacted by Sony and that the credit card information should be safe. So while Sony might not be obligated to inform my bank, they do it anyways so that banks don’t act on speculations that are spreadded through the news.
Good say, Sir.