Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

"another website" is pretty reliable...

http://kotaku.com/#!5796651/credit-c...psn-hack-fraud

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Hitler subtitle video in 3...2...

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Finally decided to call and cancel my debit card and get a new one issued. Once I get it, I have to update my bill payment accounts that use that number.

I haven't seen any odd activity on my account, but I don't want to take a chance.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

I had no trouble playing Tangled 3D on my setup. I have the 40GB fat, though.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

I did the same finally canceled 2 cards I had used on psn, no sense taking a chance.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

I finally got the email from Sony today. Luckily my PSN account did not have a cc attached to it only PSN cards. Also I'm pretty sure my address is out of date.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

I hadn't purchased anything through PSN since 2009 using the credit card. I have gotten stuff recently through redeemable codes, trials, or free stuff. I don't know how or if they got numbers if the credit card had to have been used recently or since the last hacking event. Or, if it just needed to be linked to the account.

I'd rather not wake up one day and find all my money gone. Sure, I could probably get it back, but thats a hassle I'd rather not go through.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

I'm one of the fools who used a debit card, but i finally called and canceled it today...it it would have been a CC, i would have just waited and disputed any charges, but if they take all of my money I'm hosed.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Thankfully I never purchased anything online from PSN. I never even bothered logging into my account once I created it, since I do all my multiplayer gaming on Xbox.

I hope everybody on here gets through this without any hassle of stolen CC info.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

That was my thought. I don't have a credit card, so my bank debit card is used for everything. I always run it as a c redit card for store and online purchases. And it is used for online bill payments at places like AT&T, electric & gas, etc.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Sony Online Entertainment has confirmed that their records are all fine. They are the people behind a couple MMO games, including DC Universe online. They said they kept all their CC and personal info data completely separate from the PSN. They said they are still investigating to make sure, but there are no signs whatsoever that someone hacked into their system.

They have said too that they are looking for some way to make it up to the PS3 users who play their games, since they are currently paying a subscription but can not play due to the PSN outage.

http://www.joystiq.com/2011/04/28/so...-data-is-safe/

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Just canceled my debit card. 3-5 business days to get a replacement. Woo-ha.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Originally I wasn't going to but I went ahead and cancelled my Debit Card today. Didn't want to to toy with the chance. Having a new one shipped out to me as we speak.

Still need to head to the bank on my next day off to get a Temporary Card.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

I've only had one issue so far -- I think it was with Cloudy w/ a Chance of Meatballs... but Tron was absolutely fantastic on it. I think some discs are simply not compatible with all players (yet).

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

<iframe width="720" height="480" src="http://www.youtube.com/embed/Cwn4R_GexLM?hd=1" frameborder="0" allowfullscreen></iframe>

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Welp, the fbi is now in on it. Whoever did it is in for a world of hurt if they're caught.

http://kotaku.com/#!5796832/fbi-cybe...-investigation

And according to the note sent from the Attorney General Sony might be in some deep shit too.

First 2 paragraphs here

http://www.ct.gov/ag/lib/ag/press_re...nltr042711.pdf

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

This is much worse than I had originally thought. I just got my email from Sony today, ridiculous. On top of that, I bet PSN will most likely crash again as soon as it goes back up do to everybody in the world logging in, updating their trophies and downloading stuff at the same time. I still can't get over how they stored our passwords.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

My card's fraud department called me on the 15th to tell me they saw a suspicious .90 charge from two days earlier with "Somalian Sweets" - or I suppose she could have meant "Suites." I told her it wasn't my charge so they closed the account before any more activity could continue.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

a little ahead of the timeline as you said, but either way it sounds like someone was just testing it to see if it still worked before they went crazy.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

That's what they always do with cc theft. Ironically, we caught fraudulent cc use a few weeks back because someone tried two $1 transactions to Microsoft!

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Thanks. That was pretty much the issue for me, though I actually already had the settings right. When I got home, I turned on the PS3 and sure enough first thing it did was auto-detect my new 3D HDTV. Works beautifully and looks amazing. Anyone who's in the market for a big-ass 3D HDTV, I highly recommend the Sharp 60" LED model. Worth every penny of the Amazon price of $2338. Especially with free shipping and no tax.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

The internet has been banned from making those thanks to the producers of the Downfall film.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Yeah. I just got my email today, too. Honestly, it pisses me off that my personal information is out there, but since I had no credit card linked to the system, I'm not that upset.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

The worst part is not the credit card. That can be canceled or more easily monitored.

The worst part is all your personal information. They may be able to request credit cards in your name or stuff like that. Identity theft is the main problem here. You can monitor your credit, to receive emails when a new card is opened, but that costs.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

I got a report alert today from my credit monitoring and was like "oh shit" but then I logged in and saw it was legit for something I did this week. Good to know I'll get the updates.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

I don't remember having to put my social security number and mother's maiden name in any box when signing up for PS3. Guess what? All the information you've provided is freely available on various sites on the internet. It sucks that the information is out there, but it's not exactly private information.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Actually you are right Deftones, I don't know how I got to that conclusion. I think I was reading that they were selling the information in hackers forums and somehow thought that. My mistake.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

just for clarity, your second link is from Connecticut Attorney General George Jepsen, not the Federal Attorney General Eric Holder. There could be similar requests from other state attorney generals in other states.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Well, stuff like the password reset questions were apparently compromised too, which might reveal some things if you actually use real answers for them.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

It's best to create fake answers for those security questions and right down your responses somewhere.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Not to defend Sony in any way, but had they stored their customer information in encrypted format (as they should have), do we think that it would have been so secure that it would have been impossible for the hackers who breached the system to decrypt that information?

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Depends on how they encrypted it, right? I don't think anything is completely uncrackable, but if they used proper salts, etc., they could make it difficult enough that it would be much easier just to look elsewhere to steal credit card data...

Now trusting them to encrypt the information correctly is a whole different thing. But the CC stuff has strict rules as far as how to store that information to keep customers safe, so they're in a whole lot of trouble if their encryption is not up to snuff.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

I don't think the issue is with how the credit cards were stored. It's how the data was transmitted.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Thats the primary question for security experts, is how much security is enough. Encryption at least shows you did your due diligence, having it readily available in cleartext, on the otherhand, is a huge no no.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

I'm still confused about this. If the hackers got the information off the wire, encrypted or not, doesn't that mean that only those who bought something in the period where the system was compromised would be in trouble, not all 70,000+ users?

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

I think you left off a couple zeros there ;)

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

To be fair, he did have a "+" at the end.

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

thousand, million, what's a few zeros? :)

Re: The Official PS3 thread - Encryption? We don't need no stinkin' encryption.
 

Thank you for being part of the voice of reason. Yes it sucks but the credit card issue shouldn't be major even it yours does get compromised and the info is public information save for some of the password reset stuff.