PSN Credit Cards May Be Up For Sale; Sony Hints At Compensation

PSN Credit Cards May Be Up For Sale; Sony Hints At Compensation

Even as Sony continues to struggle with bringing the PlayStation Network (PSN) back online, there are rumours that credit card numbers gleaned in the attack are already available for purchase. According to Kevin Stevens, senior threat researcher at Trend Micro, various parties are already offering sections of the database up for sale. One unconfirmed report indicates that hackers, in a tremendous act of hubris (if little common sense) may have tried to sell the database back to Sony.

Sony's Patrick Siebold stated that "there is no truth to the report that Sony was offered an opportunity to purchase the list... The entire credit card table was encrypted and we have no evidence that credit card data was taken.” Rumors, possibly begun by the thieves themselves, claim that the hackers were able to access the entire database; there's no information yet to prove or disprove such claims. Selling the database doesn't mean the hackers have broken its encryption, only that they've found someone else willing to deal with the problem.

Sony isn't treating the hack as an external-facing security issue. A new FAQ posted at the PSN / Qriocity blog addresses questions of recompensation. MMO subscribers will have access to "special events across our portfolio. We are also working on a “make good” plan for players of the PS3 versions of DC Universe Online and Free Realms."



Asked about other games / gamers, the company states: "We are currently evaluating ways to show appreciation for your extraordinary patience as we work to get these services back online." Since the PSN network is a free service (apart from PlayStation Plus), gamers probably won't receive any form of cash-equivalent store credit—though we dare say it might go down well if they did. Free upgrades to PlayStation Plus, additional free product trials, or a percentage off one's next purchase seem to all be likely candidates.

The long-term impact on Sony's gaming network could still break either way. If Sony maintains an open dialog about what led to this problem, patches it quickly, and no credit card information was stolen, we daresay it'll fade from memory without too much trouble. Virtually everyone who owns a PS3 and uses it for gaming has a significant amount of cash sunk into the console. Absent immediate evidence of abuse, such customers will typically adopt a 'wait and see' position.

We suspect the company's greatest focus will be on preventing a repeat. Other companies have survived tremendous security failures that exposed customer financial data. A one-off--even a one-off this serious--won't necessarily hit the PS3's popularity all that badly. Sony, however, is in a perilous position. The system's critical security flaw has been widely covered. This PSN outage could fuel perceptions that the PSN network is unreliable. A second failure of the same type could make things worse for Sony than they might be for Microsoft under similar conditions.
+2
+ -

>> "The entire credit card table was encrypted..."

Let me guess - using the same keys you used to sign your firmware.

BRB... gotta go cancel my credit card.

0
+ -

I think Sony can definitely recover from this so long as they are smart about it. Like the article said, there are things that can make it go either way, though. We'll see how Sony handles it all.

0
+ -

Many ps3 users dont even realize how poorly they were protected, so some users wont even complain about this. Which is bad because when a company fucks up the last thing that needs to happen is people forgeting about the problem. I know when i spoke with a few of my friends they mostly thought nothing of it.

PS: i am just glad i dont own many sony products any more.

0
+ -

Ya... everyone to the phone!!! lol

They should just come right out and say the data was taken, please contact your providers and cancel it... Since they are lying about it now or so they say, many people could meet some trouble...

0
+ -

Love it 3vi1 !

Reminds me of that old saying dont write checks that your body cant cash! So where does that leave us in this age of credit cards?

I guess they will just have to to ,..Charge it, and pay{default} with Obama cash :P (IE: keep printing it until it is worthless!)

0
+ -

Inspector,

There's no evidence of lying anywhere. According to Sony, there's no evidence the data was taken. That may be untrue, but that's not the same as saying Sony tried to cover up a theft.

0
+ -

Awesome 3vi1@ I lol'd at that haha. I'm glad i didnt give my credit card info to either of my consoles.

Login or Register to Comment
Post a Comment
Username:   Password: