Linked by Thom Holwerda on Tue 26th Apr 2011 22:06 UTC
Games After days and days of the Playstation Network being offline, Sony has announced it has taken the service down indefinitely. The cause is a lot more severe than previously thought: PSN has been systematically attacked, and personal information of all users has been stolen, possibly including credit card data. Sony is asking PSN users to keep close tabs on their credit card account statements. This has turned from a rather amusing slap on the wrist for Sony into a massive and truly epic security fail that could have tremendous consequences for millions and millions of people the world over.
Permalink for comment 471123
To read all comments associated with this story, please click here.
Comment by atsureki
by atsureki on Wed 27th Apr 2011 02:51 UTC
Member since:

we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID.

They were storing passwords in cleartext?
Their security is beyond help.

I don't actually know which password of my rotation I gave them (and thus should be changing if I use it anywhere else right now), and of course there's no way to find out with the server simply rejecting all login attempts. Same with the credit card - I'm pretty sure all they have is an outdated debit card from a closed account, but it's possible I put in a different card once and don't remember. The uncertainty sucks, and Sony's not helping. They're acting precisely like they have something to be ashamed of (a given) and not at all like they're in control of the situation.

Hopefully, it will also be another nail in the coffin of the credit card, an inherently insecure and ridiculous concept that needs to die. People should learn to spend the money they have, not the money they may have.

Don't be ridiculous. Security and responsibility are two completely different issues, and credit cards absolutely win on the former. There's no reimbursement protection if someone steals your cash, and it's a lot harder to track counterfeit paper than electronic transactions. And I suppose I'll just get a USB cash scanner or mail a check if I ever want to buy DLC or get stuff from Amazon, which will of course be shipped to me by Pony Express.

Reply Score: 3