Home

News

PS3

PS Vita

PSP

Blu Ray

Reviews

PS3

PS Vita

PSP

Community

Forums

About

Contact

 

 

 

Sony Provide More Details on Intrusion

PSN

Confirm personal data was compromised

 

In their latest blog post Sony have provided more details on the intrusion into PSN

The important bits:

We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week.

We believe that an unauthorized person has obtained the following information that you provided:

  • Name,
  • Address (city, state, zip),
  • Country,
  • Email Address,
  • Birthdate,
  • PlayStation Network/Qriocity password and login,
  • Handle/PSN online ID.

It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained.

While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility

 

PSO recommends doing the following:

Using a secure password management solution like, LastPass or Keepass and changing all of your passwords to strong, unique ones

Monitoring your credit / debit card to ensure no fraudulent transactions are taking place

Be extra aware of spear phising attacks now that criminals can build up a better profile of you when sending malicious emails

 

What stands out to me is that passwords were compromised, why were Sony not hashing them ? That's basic security practice.

If they are unable to do such a basic thing what other vulnerabilities do they have ?

twitter   facebook   digg   forum

 

 

 

twitter

facebook

digg

forum

 

Tue, 26 April, 2011 9:10 PM