The Glade 4.0

"Turn the lights down, the party just got wilder."
It is currently Sat Nov 23, 2024 10:45 pm

All times are UTC - 6 hours [ DST ]




Post new topic Reply to topic  [ 264 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6, 7, 8 ... 11  Next
Author Message
PostPosted: Mon May 02, 2011 6:12 am 
Offline

Joined: Sat Oct 24, 2009 5:44 pm
Posts: 2315
SOE just took down the servers of all the MMOs they operate, looks like the hackers got even more from them than they've admitted so far.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 9:15 am 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Okay, **** Sony.

The lack of information about this **** is terrible service for their customers.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 10:14 am 
Offline

Joined: Wed Sep 02, 2009 10:49 pm
Posts: 3455
Location: St. Louis, MO
Two things...
1) You get what you pay for.
2) Choose your enemies wisely.

_________________
Image


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 11:52 am 
Offline
User avatar

Joined: Thu Sep 03, 2009 3:08 am
Posts: 6465
Location: The Lab
dayum...

EQPlayers home page wrote:
Dear valued SOE Customers,


We have had to take the SOE service down temporarily. In the course of our investigation into the intrusion into our systems we have discovered an issue that warrants enough concern for us to take the service down effective immediately. We will provide an update later today (Monday).


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 11:56 am 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Yeah. That's what I was referring to, Midgen. So, a breach in security happened, we think sometime in February. We discovered this sometime before mid-April. We still haven't told everybody who may be affected now that it's May.

Oh, by the way, sorry to everybody who we didn't tell to cancel their cards soon enough, especially those whose breaches may have occurred after we told them (or strongly implied) that their data wasn't compromised.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
PostPosted: Mon May 02, 2011 12:33 pm 
Offline
User avatar

Joined: Sat Sep 05, 2009 2:40 am
Posts: 3188
My guess: Sony was hoping to cover it completely and let it blow over. Sony probably was hoping that they could resolve the matter and that any customers with stolen info they could just feign ignorance and say "It wasn't us." And that they were willing to do this all because of the PR nightmare it would be if they came right out and said what happened.

Sony is a business. Money comes first, customers are secondary (especially when you're that large). As long as the sheep are eating what they are being fed, they don't care.

But the ironic thing is that the PR nightmare has escalated to much higher proportions because they tried their best to cover it up.


But that's just my guess.

_________________
Les Zombis et les Loups-Garous!


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 12:38 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 3:08 am
Posts: 6465
Location: The Lab
Well, I had an active subscription to Station Access as recently as about a month ago, and I haven't heard anything from SoE about a potential compromise of my personal information.

(No I'm not waiting for them to invite me to cancel the card#).


Top
 Profile  
Reply with quote  
 Post subject: Re:
PostPosted: Mon May 02, 2011 12:47 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Midgen wrote:
Well, I had an active subscription to Station Access as recently as about a month ago, and I haven't heard anything from SoE about a potential compromise of my personal information.

(No I'm not waiting for them to invite me to cancel the card#).

This. Of course, it'd be nice of them to tell me I was at risk when they told PSN members they were. That's where the **** you comes in.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 1:12 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 3:08 am
Posts: 6465
Location: The Lab
heh...

(no idea if this is legit)

Image


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 1:34 pm 
Offline
The Dancing Cat
User avatar

Joined: Wed Nov 04, 2009 2:21 pm
Posts: 9354
Location: Ohio
They are Japanese. This is how they respond. They pretend it didn't happen and everyone in Japan is courteous enough to pretend it didn't happen either. It's like the nuclear meltdown that their government downplayed. My friend has family over there and despite seeing the devastation first hand they downplayed it too.

_________________
Quote:
In comic strips the person on the left always speaks first. - George Carlin


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 1:38 pm 
Offline
The Scaled Claw
User avatar

Joined: Thu Sep 03, 2009 1:15 am
Posts: 190
http://www.dailytech.com/Sony+Reveals+1 ... e21509.htm

Our bad, 10 million CCs stolen. And yeah, we did store all your personal info in plaintext! Oh, and we didn't even encrypt your passwords - only hashed them.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 1:48 pm 
Offline
Near Ground
User avatar

Joined: Wed Sep 02, 2009 10:38 pm
Posts: 6782
Location: Chattanooga, TN
Un. ****. believable.

Glad I canceled my debit card. Still waiting on a new one, and it's a pain in the *** that Sony's complete and utter failure is causing me grief.

Guess which of my online services will never have a payment account associated with it again! That's right, got it in one.


Top
 Profile  
Reply with quote  
 Post subject: Re:
PostPosted: Mon May 02, 2011 1:52 pm 
Offline
User avatar

Joined: Wed Sep 02, 2009 7:59 pm
Posts: 9412
Sean wrote:
Oh, and we didn't even encrypt your passwords - only hashed them.

But without even having the common courtesy of salting the hash. Ugh.

_________________
"Aaaah! Emotions are weird!" - Amdee
"... Mirrorshades prevent the forces of normalcy from realizing that one is crazed and possibly dangerous. They are the symbol of the sun-staring visionary, the biker, the rocker, the policeman, and similar outlaws." - Bruce Sterling, preface to Mirrorshades


Last edited by Kaffis Mark V on Mon May 02, 2011 2:19 pm, edited 1 time in total.

Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 1:53 pm 
Offline
Near Ground
User avatar

Joined: Wed Sep 02, 2009 10:38 pm
Posts: 6782
Location: Chattanooga, TN
Now I'm hungry for salty hash. DAMN YOU SONY.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 2:12 pm 
Offline
God of the IRC
User avatar

Joined: Wed Sep 02, 2009 7:35 pm
Posts: 3041
Location: The United States of DESU
hash+salt > hash > encryption > cleartext

_________________
Image


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 2:23 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 3:08 am
Posts: 6465
Location: The Lab
LUNCHTIME !!


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 3:36 pm 
Offline
Consummate Professional
User avatar

Joined: Mon Sep 07, 2009 9:23 am
Posts: 920
Location: The battlefield. As always.
Got my new debit card, at least.

Will probably take their Free Stuff, at least.

Still grumpy and paranoid, though.

_________________
Image

Grenade 3 Sports Drink. It's fire in the hole.. Your hole!


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 5:10 pm 
Offline

Joined: Sat Oct 24, 2009 5:44 pm
Posts: 2315
I'm honestly shocked at how little gaming companies seem to care about the integrity of their billing system, you know, the lifeblood of their operation. Remember when EA/Mythic's billing system accidentally charged all their subscribers 126 times?


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 5:47 pm 
Offline
Web Ninja
User avatar

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
Bugs happen, but no one cares less about their customer's data than Sony. The Wii and 360 have both been hacked wide open yet customer privacy has not been a concern. This is an especially surprising case for Nintendo, considering how outdated their network infrastructure seems to be.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 5:57 pm 
Offline
User avatar

Joined: Thu Sep 03, 2009 3:08 am
Posts: 6465
Location: The Lab
An official announcement

For all of you current and former SoE Customers (who weren't otherwise affected by the PSN debacle), welcome aboard the failboat...

http://www.soe.com/securityupdate/

soe.com wrote:
Customer Service Notification

May 2, 2011

Dear Valued Sony Online Entertainment Customer:
Our ongoing investigation of illegal intrusions into Sony Online Entertainment systems has discovered that hackers may have obtained personal customer information from SOE systems. We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack. Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.

Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) and about 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain may have also been obtained. We will be notifying each of those customers promptly.

There is no evidence that our main credit card database was compromised. It is in a completely separate and secured environment.

We had previously believed that SOE customer data had not been obtained in the cyber-attacks on the company, but on May 1st we concluded that SOE account information may have been stolen and we are notifying you as soon as possible.

We apologize for the inconvenience caused by the attack and as a result, we have:

1) Temporarily turned off all SOE game services;

2) Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and

3) Quickly taken steps to enhance security and strengthen our network infrastructure to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When SOE's services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your Station or SOE game account name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:

U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit http://www.annualcreditreport.com or call toll-free (877) 322-8228.

We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a "fraud alert" on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.

Experian: 888-397-3742; http://www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; http://www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; http://www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

You may wish to visit the web site of the U.S. Federal Trade Commission at http://www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or http://www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or http://www.oag.state.md.us.

We are committed to helping our customers protect their personal data and we will provide a complimentary offering to assist users in enrolling in identity theft protection services and/or similar programs. The implementation will be at a local level and further details will be made available shortly in regions in which such programs are commonly utilized.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1 (866) 436-6698 should you have any additional questions.

Sincerely,
Sony Online Entertainment LLC


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Mon May 02, 2011 7:50 pm 
Offline
I am here, click me!
User avatar

Joined: Wed Sep 02, 2009 8:00 pm
Posts: 3676
Good thing all of the credit cards I used when I played Everquest have long since expired. Still, they have my personal information...also pretty outdated. I don't recall ever having to add my SSN(I mean, why would they need that anyway?). But still...

_________________
Los Angeles Kings 2014 Stanley Cup Champions

"I love this **** team right here."
-Jonathan Quick


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue May 03, 2011 10:17 am 
Offline

Joined: Sat Oct 24, 2009 5:44 pm
Posts: 2315
More info on this has come out, apparently SOE was running really old versions of Apache (2.2.17) from 2005 with known vulnerabilities and that let people get in and access their databases.


Top
 Profile  
Reply with quote  
 Post subject: Re:
PostPosted: Tue May 03, 2011 11:20 am 
Offline
User avatar

Joined: Fri Sep 04, 2009 7:40 am
Posts: 4281
Xequecal wrote:
More info on this has come out, apparently SOE was running really old versions of Apache (2.2.17) from 2005 with known vulnerabilities and that let people get in and access their databases.


Haha, wow. Just... wow. If that's true (and confirmed), here come SO many lawsuits.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue May 03, 2011 1:39 pm 
Offline
Web Ninja
User avatar

Joined: Wed Sep 02, 2009 8:32 pm
Posts: 8248
Location: The Tunt Mansion
lol jesus christ. THIS IS WHY YOU DON'T LET YOUR TECH STAGNATE.


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue May 03, 2011 1:45 pm 
Offline
The Dancing Cat
User avatar

Joined: Wed Nov 04, 2009 2:21 pm
Posts: 9354
Location: Ohio
Great, I quit EQ 10 years ago and now my data has been exposed/compromised/whatever.

_________________
Quote:
In comic strips the person on the left always speaks first. - George Carlin


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 264 posts ]  Go to page Previous  1, 2, 3, 4, 5, 6, 7, 8 ... 11  Next

All times are UTC - 6 hours [ DST ]


Who is online

Users browsing this forum: Google [Bot] and 19 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group