backtop


Print 27 comment(s) - last by gorehound.. on May 9 at 8:17 AM


Hackers claim they have access to Sony's servers and are preparing a third attack.  (Source: Facebook)

Sony is giving customers one year of free identity theft protection.  (Source: ID Theft Blog)
Sony offers free identity theft protection for 1 year to U.S. customers

Given all the confusion surround Sony Corp. (6758), it's hard to find the evidence to differentiate fact from fiction.  Thus far, about all that is clear is that hackers broke into two separate Sony databases -- the Qriocity/PlayStation Network (PSN) subscriber database and the Sony Online Entertainment subscriber database -- and took at least some details from records of as many as 101 million customers.

I. Another Attack?

Now CNET is reporting that hackers are preparing a third attack against the company as retaliation for how it handled the first two database breaches.  The news organization spoke to the hackers over an Internet Relay Chat (IRC) channel.  The individuals claimed to have access currently to Sony's servers and were contemplating their next move.  They said that they would publicize all details, including customer names, credit card numbers, and addresses.

There's a strong possibility that the promised attack will never materialize.  After all, CNET covered a similar IRC-sourced story from the group Goatse that turned out to be likely inaccurate.  At the time we dug up evidence that showed CNET was likely duped into writing about a prank orchestrated by Goatse itself, which Goatse was passing off as an "attack" on its organization.  It's important to remember that just because some people say something on an IRC channel doesn't mean it's real; this is the internet after all.

While one would hope that Sony would shore up its online security, it's believable that it could be breached again given its poor track record.  Even if the promised attack proves authentic, CNET didn’t clarify whether or not the involved parties were behind the original two attacks.

Thus far no group has owned up to the original attacks.  Sony tried to implicate Anonymous, with whom it's battled in the past.  But organizers of the Anonymous community quickly responded condemning credit card theft and claiming their organization had no role in the attacks.  They accused Sony, the government, or rival hackers of framing them.

II. Free Identity Theft Protection for Everyone!

Sony is offering its customers a new gift to try to keep them on PSN and prevent them from jumping ship to someone else (like say Xbox Live).  The move was announced late yesterday on Sony's U.S. PlayStation blog.

The company will be providing users one free year of access to "AllClear ID Plus", an identity theft protection and insurance service by American security firm Debix, Inc.  The package gives users insurance which covers up to $1M USD for "identity restoration costs, legal defense expenses, and lost wages that occur within 12 months after the stolen identity event."

The service also gives customers access to free monitoring tools, which include automatic alerts.  And if the customers' stolen data does get abused, Debix "private investigators and identity restoration specialists" will try to assist the victim.

Customers who were subscribed to PSN at the time of the data breach will get an enrollment email and will have until June 18 to sign up for a year of free protection service.  Sony says it will make similar offers available for other regions, writing:

We are working to make similar programs available in other countries/territories where applicable. Information will be posted on local websites/blogs when available.

It's still unclear whether Sony will offer a similar service to the 24 million customers whose data was lost in the Sony Online Entertainment breach.

It's nice, though to see Sony finally doing something decisive to try to protect its customers.

The company is currently the subject of a class action lawsuit filed by upset customers.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

How did they gain access?
By RdBiker on 5/6/2011 9:13:54 AM , Rating: 5
Some backdoor action with a trojan? Poor Sony...




RE: How did they gain access?
By Golgatha on 5/6/2011 9:50:10 AM , Rating: 5
He who lives by the sword, also dies by the sword.


RE: How did they gain access?
By Taft12 on 5/6/2011 10:45:31 AM , Rating: 2
Irony kicks ass!


RE: How did they gain access?
By Mitch101 on 5/6/2011 11:54:47 AM , Rating: 2
Would be a good time for DT to start a poll asking people who may be effected by the breech if this will effect their console choice going forward and whether they feel Sony is doing everything they should as a corporation.

Every day it feels the story is a little worse than the day before and every day is one more that ones identity could already be being compromised because the information is coming out too slow.


RE: How did they gain access?
By theArchMichael on 5/6/2011 10:00:42 AM , Rating: 2
lol nice 1, I'll try...

I'm pretty sure the potential penetrators could anyone now that many are probably aware of how to exploit Sony's gaping hole.


RE: How did they gain access?
By Donovan on 5/6/2011 12:40:43 PM , Rating: 2
Maybe CNET is on to something with their Goatse investigation.


RE: How did they gain access?
By MrTeal on 5/6/2011 11:16:02 AM , Rating: 2
I heard they installed Extended Copy Protection on the Sony servers and are using that to access their systems, and keep them from pirating music.


RE: How did they gain access?
By mcnabney on 5/6/2011 12:09:00 PM , Rating: 2
Yes, tracing all this back to the Sony rootkit might be the funniest thing to have ever happened.


RE: How did they gain access?
By SiliconJon on 5/6/2011 11:30:59 AM , Rating: 2
More like the Front Door


RE: How did they gain access?
By BladeVenom on 5/6/2011 11:45:21 AM , Rating: 2
Sony left the door wide open with outdated, unpatched software, and no firewall installed. Even after it was publicly disclosed that they were lacking in security, they still didn't fix it.
http://consumerist.com/2011/05/security-expert-son...


RE: How did they gain access?
By gorehound on 5/9/2011 8:17:48 AM , Rating: 2
sounds like this time sony was the one who got rootkitted


Where would they go?
By lowsidex2 on 5/6/2011 9:21:19 AM , Rating: 4
quote:
Sony is offering its customers a new gift to try to keep them on PSN and prevent them from jumping ship to someone else (like say Xbox Live)

Give up the PS and all their games and accessories? Unlikely. Most will come back but I bet more will use gift cards or throw away CC numbers that most banks offer. That's what I use.

I'd like to see rules in place that keeps companiess from holding my data needlessly. Once the order is processes, be able to opt out and have them wipe my data. If I buy more, I'll re enter the verification data and CC. I realize that isn't an ideal model for PSN but it's a start.




RE: Where would they go?
By borismkv on 5/6/2011 10:32:47 AM , Rating: 2
Or they could, you know, be in compliance with PCI regulations and freakin Encrypt their stored data.


RE: Where would they go?
By tayb on 5/6/2011 10:58:01 AM , Rating: 2
The worry isn't about an immediate jump so much as a long-term switch.

It's the same situation with the Verizon iPhone. Everyone though AT&T would lose millions of customers the first week and that is just completely unrealistic. People were tied down with contracts. AT&T was worried about long-term losses which is what they should have been worried about.

Sony is worried about the same thing. Most people aren't going to chuck their PS3 right now but a lot of people will stop buying things on the PSN altogether and I'm sure some small percentage will move away from the platform over time. The thing that will hurt Sony the most is the online sales because they have a HUGE profit margin on those. Microsoft and Sony are trying to position their consoles as the only required device for a media center. Sony just tumbled down the stairs in that race.


RE: Where would they go?
By lowsidex2 on 5/6/2011 4:29:37 PM , Rating: 2
/shrug

I see your point but next year Xbox will be hacked and back and forth we go.


RE: Where would they go?
By Breakfast Susej on 5/6/2011 10:55:05 PM , Rating: 1
This would be an opportune time for Microsoft to offer some sort of carrot on a stick incentive to the masses of disgruntled Sony users in an effort to give them that extra little push over the edge toward conversion.

People say what they may about Microsoft but after years of Windows being molested by every malware maker on the globe they must have picked up something as far as security goes.


My data was lost
By 3minence on 5/6/2011 9:19:02 AM , Rating: 2
I got an email from Sony saying my SOE account info was compromised. They claimed my credit card info was NOT compromised because it was on a different system. I'm not really worried as the only Sony product I ever played was Everquest II, and that was years ago. I doubt the credit card I used then is even active any more. The email said nothing about Sony offering up credit protection.




RE: My data was lost
By mcnabney on 5/6/2011 12:14:39 PM , Rating: 2
Think back to the username, email address, and password you used in EQ2.

If you ever used any of those together elsewhere you should assume that these combinations will be used to attempt access at dozens, if not hundreds of accounts. Like FB, banks, retirement accounts....


RE: My data was lost
By 3minence on 5/6/2011 1:02:42 PM , Rating: 2
My game accounts are always different then my accounts that mange money. But I know of others who do not and they would have problems.


More opportunity to prosecute hackers
By Beenthere on 5/6/2011 12:17:12 PM , Rating: 2
The more they hack the better the chances they will end up in prison for a long, long time and that is a good thing. I'll bet the folks who've had their credit card and personal details stolen won't be too happy for the next year or two.




By rcc on 5/6/2011 12:30:52 PM , Rating: 1
I'm about at the end of the "send 'em to jail" stage. Just shoot them.


By ARoyalF on 5/6/2011 9:02:43 PM , Rating: 2
Wow, Sony a for profit enterprise? No way! I love how everyone is bitching about the company and not the people who are doing the actual hacking .

Someone tried to get at an old PayPal acct. of mine a couple years ago. They could have made off with my money. What's so freeking cool about that? You wannabe hackers can vote this down.....


Pretty stingy on Sony's part
By karndog on 5/6/2011 9:43:39 AM , Rating: 3
Seems like Sony is trying to get out of this by offering the bare minimum that would be expected as compensation. 1 year free fraud protection? I think they should give free fraud protection for the life of the CC used on PSN, until it expires, which could be several years depending. If they arent careful Sony will alienate millions of already disgruntled customers. If anything they have to be OVER generous here.

And what about compensation for all the people who could have their emails, facebooks account etc hacked because they used the same username passwords? Or the years of spam we will probably receive once our details are sold to marketers. And the inconvenience for people who have to use their own money and time calling their banks to cancel their CC and wait for a new one? I think a free voucher to be used on PSN to download even a PS1 game would be a nice gesture and a good start at winning back customers.




RE: Pretty stingy on Sony's part
By Uncle on 5/6/2011 11:48:48 AM , Rating: 1
I feel nothing for sony. A++ to everything that happens to them. Your seeing what happens to companies that get so big, their first thought is themselves not their customers. Totally different company when their was real competition and they needed customers to move ahead. Now their just bloated and arrogant. When shit hits the fan for their arrogance and the executives can't see past their noses, they look for scapegoats like hackers who are probably disgruntled Ex sony customers. Go Hackers Go. No need to respond to this message. Just Google sony and look up all the charges and fines they have had to pay around the world for their arrogance.


Firewalls don't work...
By SiliconJon on 5/6/2011 11:21:19 AM , Rating: 2
when the infilTrator is within their boundaries.




sony problems
By treeimp on 5/6/2011 9:08:23 PM , Rating: 2
I don't know how this all happened, but sony should likely be looking for any moles or leaks in the innermost circles of their security and/or progamming teams. thorough investigation both physical and online, as wewll as close monitpring of the server and server access sites are vital.




Scorned HD-DVD
By Shadowmaster625 on 5/6/2011 3:18:13 PM , Rating: 1
Hell hath no fury like a superior HD format scorned. I bet that's what happened here. All the people who lost big betting on HD-DVD are now finally getting their long planned revenge. Serves Sony right for totally borking the HD market for going on 5 years now. Yes it is 2011 and HD format players still cost $70. Can I get a W-T-F? If we had HD-DVD they would be ubiquitous since they would be only marginally more expensive than regular DVD burners. Everyone would have one in their PC. And of course we know it is the burners that really push a format out into the mainstream. No one with a brain would burn blu-ray because they cost too much. Not to mention a 4GB h.264 recode of a blu-ray looks damn good and can fit on a standard dvd that costs 12 cents.




"So if you want to save the planet, feel free to drive your Hummer. Just avoid the drive thru line at McDonalds." -- Michael Asher














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki