backtop


Print 102 comment(s) - last by crazyblackman.. on Apr 29 at 11:58 PM


PlayStation Network customers have had their personal information and possibly credit cards stolen. Sony just now decided to tell them after six days of service outage for undisclosed reasons.
Playstation Network and billing system has been down for six days, company just now decide to let users know the worst

Sony Computer Entertainment America LLC has just announced some very bad news for Playstation Network (PSN) users (accessible via the PlayStation 3 and PSP) who have made purchases -- they have had their personal info and possibly credit card numbers stolen.

Writes Sony:
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
Sony contracted a cloud services provider, Qriocity to manage its customers' data.  Sound familiar?  That's not surprising.  In recent months email relationship firms Epsilon and SilverPop suffered similar data breaches, losing personal information of customers of Krogers, Walgreens, Best Buy, Chase Bank, and more.

But this recent breach is arguably the worse yet, given just how much data is said to have been stolen and the possibility that credit card data was stolen.

Sony states:
We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience.
But, it writes that customers are now responsible for monitoring their credit card statements and credit stores to watch for any damage.  In short the message reads something like, "Sorry guys, but you're on your own now!"

According to outraged commenters the PSN has been down for six days now, but Sony is just now owning up to the fact that there was a massive security breach.  Secondary sources point to the network being down since at least April 21.

One must wonder how many more companies will see their customers violated before tech firms start to get the idea that handing valuable data to small third-party providers might not be the best idea.  It may be cheap, but as these recent incidents show, the utter lack of security and accountability can lead to many a nightmare.


Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Meh
By JasonMick (blog) on 4/26/2011 5:41:40 PM , Rating: 3
quote:
About 2 weeks ago I got a call from my CC company that someone had attempted to use my card in a neighboring state (indeed one that I have traveled to and through in the recent past). They detected that the charge was fraudulent (I'm guessing based on the card number being used in two locations which were physically too far apart to be completed in that amount of time) and denied the charge. Obviously I reviewed my statement carefully but there was not one invalid charge on it.

The protection CC companies give you is powerful and automatic, after all, you are not liable for the charges, that means they need to either pay up or take legal action with the stores, both of which cost them time and money.

Finally, a stolen card does not affect your credit rating unless your card issuer screws up how they handle the situation. So long as they state 'Lost/Stolen' as the reason the old account was closed, and the new account keeps the old account's opening date, you won't have lost anything. If they don't do this, you can appeal to have the data corrected and you will almost certainly win.


Well I'm glad your situation worked out well. I'm not saying that in a lot of cases banks don't resolve these kinds of this automatically or almost automatically.

It's just SOME CASES where they don't (for example, what if the charge came from your home state -- that would be "believable")...

And like you said, you could work to make sure that your credit score was not impacted, but that might take a great deal of time and effort on your part.

The point is there is reasons why people don't just post their CC #s in public forums.

Is the damage of lost personal info and CC #s irrecoverable? No, of course not. Is it a massive pain in the @$$? Most definitely.


RE: Meh
By Lazarus Dark on 4/26/2011 5:51:36 PM , Rating: 2
And in my experience, even if you have absolute proof that some charge is an error, it still takes an act of Congress for the three Experian, Transunion, or Equifax to remove that error from thier records. I actually still have an error they just refuse to remove, no matter the absolute evidence I have. Thankfully my wifes credit is spotless, so we just use hers when we need to.


RE: Meh
By Solandri on 4/27/2011 2:30:52 AM , Rating: 2
They won't listen to you. But they'll listen to the credit card company/bank which listed the erroneous info to your credit report. I had Amex file a negative on my report due to an error (mistakenly reported late payments on my workplace's company card to my credit report). I played phone tag with Amex, got them to correct the error and send a letter to the credit agencies saying to remove the negative. And within a month it was gone.

(Which is not to say that they shouldn't listen to you. I absolutely agree that if those three screw up your life because of their error, they should be the ones paying to fix it, not you.)


RE: Meh
By Lazarus Dark on 4/27/2011 10:11:57 PM , Rating: 2
It was a financing company, Equitable Acceptance (legal loan sharks as far as I'm concerned). My bank records prove they received every payment on time, but their records are all screwed up. My bank, Bank of America, called them and confirmed that all payments had been sent to them electronically to the same routing number. Equitable said, yeah you're right, then promptly forgot speaking to them and continued to report me as having not paid on time for a year period. So, my bank says yes, now they say no, and the Big Three credit report agencies wont respond.


RE: Meh
By BansheeX on 4/27/2011 2:41:36 AM , Rating: 2
Most people aren't aware that they can put a freeze on their credit reports with all three credit agencies, thereby preventing thieves of personal data from issuing new credit cards under your stolen SS number. Of course, I'm of the opinion that consumer credit is unnecessary and a perversion of the concept behind savings and loans. But I still want to make it harder for criminals to game it.

In this case, having new credit in your name issued is not the risk because an SS# was not stolen. If you know your CC number has been stolen, immediately cancel the card and issue a new number. People who don't care because they're not liable for fraud are idiots: you should care that some criminal just made off with products you would have had to labor years for. Not only that, fraud bids up prices because it creates artificial demand and sucks up resources spent to recover losses or catch thieves. Don't just sit there and let it happen because you think it's not your problem: it is.


RE: Meh
By BioHazardous on 4/26/2011 10:27:03 PM , Rating: 1
quote:
It's just SOME CASES where they don't (for example, what if the charge came from your home state -- that would be "believable")...


What if the people who stole your info and identity ordered stuff online and shipped it to your address as though you ordered it?

Oh wait that's what happened to me and the issuing bank for my credit card just took care of it.

quote:
The point is there is reasons why people don't just post their CC #s in public forums.


People don't post their info on forums or share it with random strangers because they'd be in clear violation of their policy with the credit card company and thus be liable for any fraudulent charges.

Was it slightly annoying to have to fill out the forms and deal with the phone calls from my card company? Sure a little, but it didn't cost me a thing and it didn't impact my life or my credit rating in any way shape or form. That's why I prefer credit cards, I'm protected.

Is the massive theft of data a big deal? Yes. Will it impact me personally or my credit? No.

Let's not all get hysterical about things we know little about.


"Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town." -- Charlie Miller














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki