Companies get hacked all the time. Sure. Even the government and banks!
The point is if the data was strongly encrypted or not! Which would make the stolen data practically useless for the hackers.
Unless ofcourse it was in inside job and hackers got hold of the encryption keys. Which would even be a more severe criminal offense for both hackers and the insider helping them.
With Sony and SOE, they made it the hackers just easy by N O T E N C R Y P T I N G our personal information and store it in P L A I N T E X T in their databases!
Also both Sony and SOE knew about security holes in their network and failed to adress them in time before the "big" attack 2 weeks ago! As the PSN network was already breached earlier this year by a young teenager!!
So YES! For such a large multi billion dollar company like Sony, it's total neglegence on their part in how they treated and handled our Personal Information !
[Mod Edit]
I just usually like to see the end result of an investigation, before I hold someone guilty of a crime.
[Mal Edit]
I guess I'll have to reword what i wrote. If what I wrote here has offended you ( your use of exclamation points and your edited comment says you must be) I'm sorry. I was only offering my opinion on the situation, and pointing out I will wait until the investigation is over before I jump the gun on calling SOE out.
I'm aware they made mistakes, I was not aware of the earlier intrusion though on PSN. My overall point is, this can happen just about anywhere, big company or small. If SOE is at fault that will come out in time, I'll wait until then to give an opinion on that subject.
As a closing note, I'll just say remeber kids there's always a risk in using personal info, bank info or CC info on the net, if you do always keep an eye on your finances.
For every minute you are angry , you lose 60 seconds of happiness."-Emerson
Companies get hacked all the time. Sure. Even the government and banks!
The point is if the data was strongly encrypted or not! Which would make the stolen data practically useless for the hackers.
Unless ofcourse it was in inside job and hackers got hold of the encryption keys. Which would even be a more severe criminal offense for both hackers and the insider helping them.
With Sony and SOE, they made it the hackers just easy by N O T E N C R Y P T I N G our personal information and store it in P L A I N T E X T in their databases!
Also both Sony and SOE knew about security holes in their network and failed to adress them in time before the "big" attack 2 weeks ago! As the PSN network was already breached earlier this year by a young teenager!!
So YES! For such a large multi billion dollar company like Sony, it's total neglegence on their part in how they treated and handled our Personal Information !
Maybe I do have some reading comprehension problem, but I'll leave the insults there. I'm sorry if I offended you in some way by offering my opinion on the situation. I just usually like to see the end result of an investigation, before I hold someone guilty of a crime.
I am not insulting you in any way.
Sony and SOE are already guilty of a crime, as they stored our personal information unencrypted in their databases. And that is exactly what the Class Action Lawsuit will be about among other things.
That they knew they had security holes in their network is also a FACT, simply because it was Headline news beginning this year when young teenage boy already managed to breach and hack into the PSN network!
Hey guys - If you receive any emails from something that looks like SOE, please inspect them carefully. I just edited one out of this thread that was a phishing email. There was a link to what looked like the credit report site SOE put in their release, but it led somewhere else if you moused over it to check.
So be careful what you click and what you post here as well.
Why would you blame Sony for this? Do you think that network security is fool proof or 100% secure?
Do you think because you have a firewall and virus protection your home PC is safe?
It is not Sony's fault, I am willing to bet anything that Sony had/has a great secruity system in place but no amout of security can stop hackers. The US goverment gets hacked into and we all know they have better security then Sony does.
Blaming Sony is short side and wrong, you are either to stupid to understand computer security or just hate Sony. The lawsuit that is being file againts them will not win. You cannot hold a company accountable for something that cannot be stopped.
I work in the IT field, I have for over 12 years now, I work with Network security and databases and trust me, nothing on the market is hack proof, no virus scanner in the world is virus proof and no computer is 100% safe in this world. (INCLUDING MACS)
You are talking about hackers that do nothing but hack and learn how to break though security. Image all the time that you put in to video games and remember there are people that put in that much time to learn how to hack and cause problems.
Virus, spyware and hacker are all cat and mouse games. The mouse (hackers) always have the advanage and the cat is always playing catch up. Its been like this since the beginning of computers and it will not go away, only get worst.
You have to understand that all the security software that company's and users can buy, hackers can buy them too and sit there on their personal networks and find ways to hack and break those programs.
If you want to blame someone, blame the cowardly hackers that did this, not Sony who I am sure has done everything in their power to secure our data but shit like this happens, nothing can be done to stop it.
Here is a BBC feature about a security experts opinion on the ps3 network hacking from last week. Think there is some relevant points to this discusion made on it. http://www.bbc.co.uk/news/technology-13215534
Why would you blame Sony for this? Do you think that network secruity is fool proof or 100% secure?
Do you think because you have a firewall and virus protection your home PC is safe?
It is not Sony's fault, I am willing to bet anything that Sony had/has a great secruity system in place but no amout of security can stop hackers. The US goverment gets hacked into and we all know they have better security then Sony does.
Blaming Sony is short side and wrong, you are either to stupid to understand computer security or just hate Sony. The lawsuit that is being file againts them will not win. You cannot hold a company accountable for something that cannot be stopped.
I work in the IT field, I have for over 12 years now, I work with Network security and databases and trust me, nothing on the market is hack proof, no virus scanner in the world is virus proof and no computer is 100% safe in this world. (INCLUDING MACS)
Again, instead of blindly posting in the middle of an already long ongoing discussion, which someone had already posted a thousand times earlier today.... please READ what it is about and what has ACTUALLY happened!
I work in the IT field for over 12 years myself too!
Strongly encrypting sensitive data, like in this case personal information of millions of customers, goes a long way at making sure it is safe! Even in an event your network gets breached and hacked and they manage to steal this data.
In Sony and SOE's case, they are 100% at fault here, simply because they careless stored OUR personal information UNENCRYPTED in PLAIN TEXT in their databases! Yes that is right! In PLAIN TEXT!
That is totally irresponsible on their part and why they already are facing a Class Action Lawsuit about this incident!
What makes matters even worse. SOE had also an old database from 2007 still up and running in their Live network, that included personal information, credit/debit information and bank account information of thousands of European customers that is now also stolen and out in the open!
Also, everyone seem to have forgotten that a teenager already manage to breach and hack the PSN network earlier this year!
So they already knew back then they had security holes within their network and failed to take them seriously and adress them before the "big" attack 2 weeks ago.
So please explain to me, with all the information already widely available about the incident... how Sony and SOE are innocent in this and not to be blamed in any way?
Here is a BBC feature about a security experts opinion on the ps3 network hacking from last week. Think there is some relevant points to this discusion made on it. http://www.bbc.co.uk/news/technology-13215534
Well it basically backs up what both sides are saying. It was unavoidable, yet the way they stored their information was less than stellar.
Doesn't it say your info will be stored with encryption when you sign up? I could have sworn it does as it does with most OL services.
For every minute you are angry , you lose 60 seconds of happiness."-Emerson
And still they haven't contacted their customers personally by any means to let them know their information has been compromised. Imagine all those people who don't read game news or go to fansites? Those people are going to get screwed when the thieves start using all that credit card info.
Not so, as a holder of one station access and one secondary SWG account I got the notice today that my stuff was potentially stolen.
Played: Asheron's Call(still the best fantasy MMO!), EQ1, EQ2, Vanguard, DAoC, Horizons, City of Heroes/Villians, WoW (crap), LOTORO, D&D Online, Eve, Anarchy Online, and still playing SWG daily.
And still they haven't contacted their customers personally by any means to let them know their information has been compromised. Imagine all those people who don't read game news or go to fansites? Those people are going to get screwed when the thieves start using all that credit card info.
Not so, as a holder of one station access and one secondary SWG account I got the notice today that my stuff was potentially stolen.
yeah same here lol, pretty sad considering theyve known since april 18th. Hell if it wasnt for this site i wouldnt even had known why they took everything down 2 days ago.
at times like this a scape goat is neede and think smedley might have to be it
As much as many would probaby like to see that, the issue is described as being in the "shared architecture" between PSN and SOE. So, unless Smedley is over both sides of that shop, he might be just low enough to escape any 'corrective action'. At least, given the guys survivability, I would expect nothing less :P
-mklinic
"Do something right, no one remembers. Do something wrong, no one forgets" -from No One Remembers by In Strict Confidence
All one can hope is that the fallout from this debacle costs Smedley his job. He is ultimately responsible for this mess they are in. Someone new might just have a chance to raise SOE from the ashes.
I haven't really jumped on the hate Smedley bandwagon in the past (though I readily aknowledge the validity of complaints against him), but I have to say, I may just agree with you on this. With such a debacle as this, more than one chief's heads should roll and with how much nerd rage Smedley generates, it may be a good move for SOE on more than one level.
I hadent even realized this was going on until I read about it here Gadgets-4G talking about it. I just have to thank god everything Sony has of mine is long expired.
Refugee from UO,EQ,AC,AC2,AO,DAOC,L2,SB,HZ,CoH,PT,EQ2,WoW,VG,SWG,EVE,WAR,DF,MO,AI,GA,LOTRO, SWTOR... Gw2 on Deck
I hate to see a bunch of cogs get laid off and left out of the job, but SOE (the MMO side) shutting down would be a blessing... They've been churning out garbage and screwing over their customers for years. They really shouldn't be allowed to continue to go on.
Unauthorized use, or attempts to circumvent or bypass the security mechanisms of an information system or network.
Hacker
A person who enjoys exploring the details of computers and how to stretch their capabilities. A malicious or inquisitive meddler who tries to discover information by poking around. A person who enjoys learning the details of programming systems and how to stretch their capabilities, as opposed to most users who prefer to learn only the minimum necessary.
Crack
A popular hacking tool used to decode encrypted passwords. System administrators also use crack to assess weak passwords by novice users in order to enhance the security of the Automated Information System (AIS).
Cracker
One who breaks security on an AIS. Automated Information System - any equipment of an interconnected system or subsystems of equipment that is used in the automatic acquisition, storage, manipulation, control, display, transmission, or reception of data and includes software, firmware, and hardware.
You're a bit confused. White-hats don't break the law, black-hats do.
Last week the supreme ruled they will no longer hear class action lawsuits, they must be resolved through arbitration.
Although Sony alledgedly pulled all their online games, or they were crashed by Anon's DOS attacks, to protect the info they had already admitted had been stolen, there are reports that players are still being charged for their monthly subscriptions so evidently Sony didn't pull all their stuff.
They left the part that takes money from people for services they are NOT providing. So who is the making unauthorized hit to your credit card, Sony or the hackers? Or both?
Let me tell you something about "Anonymous". Anonymous is a baseless, classless identification of individuals who could not start to claim representation of the spirit to which they claim. Anonymous is horrible. Anyone who admits to any link to Anonymous is horrible. Anonymous is a walking, talking, fail joke without an ounce of understanding how to have a sliver of self-respect.
Why would you blame Sony for this? Do you think that network secruity is fool proof or 100% secure?
Do you think because you have a firewall and virus protection your home PC is safe?
It is not Sony's fault, I am willing to bet anything that Sony had/has a great secruity system in place but no amout of security can stop hackers. The US goverment gets hacked into and we all know they have better security then Sony does.
Blaming Sony is short side and wrong, you are either to stupid to understand computer security or just hate Sony. The lawsuit that is being file againts them will not win. You cannot hold a company accountable for something that cannot be stopped.
I work in the IT field, I have for over 12 years now, I work with Network security and databases and trust me, nothing on the market is hack proof, no virus scanner in the world is virus proof and no computer is 100% safe in this world. (INCLUDING MACS)
Again, instead of blindly posting in the middle of an already long ongoing discussion, which someone had already posted a thousand times earlier today.... please READ what it is about and what has ACTUALLY happened!
I work in the IT field for over 12 years myself too!
Strongly encrypting sensitive data, like in this case personal information of millions of customers, goes a long way at making sure it is safe! Even in an event your network gets breached and hacked and they manage to steal this data.
In Sony and SOE's case, they are 100% at fault here, simply because they careless stored OUR personal information UNENCRYPTED in PLAIN TEXT in their databases! Yes that is right! In PLAIN TEXT!
That is totally irresponsible on their part and why they already are facing a Class Action Lawsuit about this incident!
What makes matters even worse. SOE had also an old database from 2007 still up and running in their Live network, that included personal information, credit/debit information and bank account information of thousands of European customers that is now also stolen and out in the open!
Also, everyone seem to have forgotten that a teenager already manage to breach and hack the PSN network earlier this year!
So they already knew back then they had security holes within their network and failed to take them seriously and adress them before the "big" attack 2 weeks ago.
So please explain to me, with all the information already widely available about the incident... how Sony and SOE are innocent in this and not to be blamed in any way?
IF a hacker is able to get by the network security and steal data, encrypted or not, they are smart enough to steal the encrypter and/or break the encryption. Its called common sense.
Sure SOE and Sony should have encrypted their data but agian that would have made little difference to someone able to pull of a data hack on a billion dollar company.
A small network break in like the one you are talking about with the teenager is just that, a small breach that would not make them aware of a bigger issue, it would make them aware of the small issue and I am sure they fixed that problem.
Having a 2007 database still up and running in 2011 is not that big of a surprise, alot of large companies still have databases up and running for the 80s (AS400 systems).
Comments
[Mod Edit]
I just usually like to see the end result of an investigation, before I hold someone guilty of a crime.
[Mal Edit]
I guess I'll have to reword what i wrote. If what I wrote here has offended you ( your use of exclamation points and your edited comment says you must be) I'm sorry. I was only offering my opinion on the situation, and pointing out I will wait until the investigation is over before I jump the gun on calling SOE out.
I'm aware they made mistakes, I was not aware of the earlier intrusion though on PSN. My overall point is, this can happen just about anywhere, big company or small. If SOE is at fault that will come out in time, I'll wait until then to give an opinion on that subject.
As a closing note, I'll just say remeber kids there's always a risk in using personal info, bank info or CC info on the net, if you do always keep an eye on your finances.
For every minute you are angry , you lose 60 seconds of happiness."-Emerson
I am not insulting you in any way.
Sony and SOE are already guilty of a crime, as they stored our personal information unencrypted in their databases. And that is exactly what the Class Action Lawsuit will be about among other things.
That they knew they had security holes in their network is also a FACT, simply because it was Headline news beginning this year when young teenage boy already managed to breach and hack into the PSN network!
Thanks for the heads up Amana
Why would you blame Sony for this? Do you think that network security is fool proof or 100% secure?
Do you think because you have a firewall and virus protection your home PC is safe?
It is not Sony's fault, I am willing to bet anything that Sony had/has a great secruity system in place but no amout of security can stop hackers. The US goverment gets hacked into and we all know they have better security then Sony does.
Blaming Sony is short side and wrong, you are either to stupid to understand computer security or just hate Sony. The lawsuit that is being file againts them will not win. You cannot hold a company accountable for something that cannot be stopped.
I work in the IT field, I have for over 12 years now, I work with Network security and databases and trust me, nothing on the market is hack proof, no virus scanner in the world is virus proof and no computer is 100% safe in this world. (INCLUDING MACS)
You are talking about hackers that do nothing but hack and learn how to break though security. Image all the time that you put in to video games and remember there are people that put in that much time to learn how to hack and cause problems.
Virus, spyware and hacker are all cat and mouse games. The mouse (hackers) always have the advanage and the cat is always playing catch up. Its been like this since the beginning of computers and it will not go away, only get worst.
You have to understand that all the security software that company's and users can buy, hackers can buy them too and sit there on their personal networks and find ways to hack and break those programs.
If you want to blame someone, blame the cowardly hackers that did this, not Sony who I am sure has done everything in their power to secure our data but shit like this happens, nothing can be done to stop it.
Yes I suck at spelling.
Sooner or Later
Here is a BBC feature about a security experts opinion on the ps3 network hacking from last week. Think there is some relevant points to this discusion made on it. http://www.bbc.co.uk/news/technology-13215534
Again, instead of blindly posting in the middle of an already long ongoing discussion, which someone had already posted a thousand times earlier today.... please READ what it is about and what has ACTUALLY happened!
I work in the IT field for over 12 years myself too!
Strongly encrypting sensitive data, like in this case personal information of millions of customers, goes a long way at making sure it is safe! Even in an event your network gets breached and hacked and they manage to steal this data.
In Sony and SOE's case, they are 100% at fault here, simply because they careless stored OUR personal information UNENCRYPTED in PLAIN TEXT in their databases! Yes that is right! In PLAIN TEXT!
That is totally irresponsible on their part and why they already are facing a Class Action Lawsuit about this incident!
What makes matters even worse. SOE had also an old database from 2007 still up and running in their Live network, that included personal information, credit/debit information and bank account information of thousands of European customers that is now also stolen and out in the open!
Also, everyone seem to have forgotten that a teenager already manage to breach and hack the PSN network earlier this year!
So they already knew back then they had security holes within their network and failed to take them seriously and adress them before the "big" attack 2 weeks ago.
So please explain to me, with all the information already widely available about the incident... how Sony and SOE are innocent in this and not to be blamed in any way?
Well it basically backs up what both sides are saying. It was unavoidable, yet the way they stored their information was less than stellar.
Doesn't it say your info will be stored with encryption when you sign up? I could have sworn it does as it does with most OL services.
For every minute you are angry , you lose 60 seconds of happiness."-Emerson
at times like this a scape goat is neede and think smedley might have to be it
http://kotaku.com/#!5798242/dc-universe-subscribers-get-a-free-month-free-cowl-over-hack-attack
Here come the freebies.
Not so, as a holder of one station access and one secondary SWG account I got the notice today that my stuff was potentially stolen.
Played: Asheron's Call(still the best fantasy MMO!), EQ1, EQ2, Vanguard, DAoC, Horizons, City of Heroes/Villians, WoW (crap), LOTORO, D&D Online, Eve, Anarchy Online, and still playing SWG daily.
yeah same here lol, pretty sad considering theyve known since april 18th. Hell if it wasnt for this site i wouldnt even had known why they took everything down 2 days ago.
As much as many would probaby like to see that, the issue is described as being in the "shared architecture" between PSN and SOE. So, unless Smedley is over both sides of that shop, he might be just low enough to escape any 'corrective action'. At least, given the guys survivability, I would expect nothing less :P
-mklinic
"Do something right, no one remembers.
Do something wrong, no one forgets"
-from No One Remembers by In Strict Confidence
I really don't see how Smed's job position has anything to do with this. o_O
You want him to retire out of shame?
If that were the case he would have retired long ago.
"The knowledge of the theory of logic has no tendency whatever to make men good reasoners." - Thomas B. Macaulay
"The greatest enemy of knowledge is not ignorance, it is the illusion of knowledge." - Daniel J. Boorstin
I haven't really jumped on the hate Smedley bandwagon in the past (though I readily aknowledge the validity of complaints against him), but I have to say, I may just agree with you on this. With such a debacle as this, more than one chief's heads should roll and with how much nerd rage Smedley generates, it may be a good move for SOE on more than one level.
Depending on who bought these assets I agree it could be a major win for Vanguard and even SWG.
I hadent even realized this was going on until I read about it here Gadgets-4G talking about it. I just have to thank god everything Sony has of mine is long expired.
Refugee from UO,EQ,AC,AC2,AO,DAOC,L2,SB,HZ,CoH,PT,EQ2,WoW,VG,SWG,EVE,WAR,DF,MO,AI,GA,LOTRO, SWTOR... Gw2 on Deck
I hate to see a bunch of cogs get laid off and left out of the job, but SOE (the MMO side) shutting down would be a blessing... They've been churning out garbage and screwing over their customers for years. They really shouldn't be allowed to continue to go on.
Hacking
Unauthorized use, or attempts to circumvent or bypass the security mechanisms of an information system or network.
Hacker
A person who enjoys exploring the details of computers and how to stretch their capabilities. A malicious or inquisitive meddler who tries to discover information by poking around. A person who enjoys learning the details of programming systems and how to stretch their capabilities, as opposed to most users who prefer to learn only the minimum necessary.
Crack
A popular hacking tool used to decode encrypted passwords. System administrators also use crack to assess weak passwords by novice users in order to enhance the security of the Automated Information System (AIS).
Cracker
One who breaks security on an AIS. Automated Information System - any equipment of an interconnected system or subsystems of equipment that is used in the automatic acquisition, storage, manipulation, control, display, transmission, or reception of data and includes software, firmware, and hardware.
You're a bit confused. White-hats don't break the law, black-hats do.
A few thing worth mentioning.
Last week the supreme ruled they will no longer hear class action lawsuits, they must be resolved through arbitration.
Although Sony alledgedly pulled all their online games, or they were crashed by Anon's DOS attacks, to protect the info they had already admitted had been stolen, there are reports that players are still being charged for their monthly subscriptions so evidently Sony didn't pull all their stuff.
They left the part that takes money from people for services they are NOT providing. So who is the making unauthorized hit to your credit card, Sony or the hackers? Or both?
Funny thing is I subscribed 6 hrs before SOE went offline, lol
Derek Smart?
RELAX!@!! BREATHE!!!
Now you gone an' done it!
We ALL gonna be SUED!
Nothing says irony like spelling ideot wrong.
Lord British?
Let me tell you something about "Anonymous". Anonymous is a baseless, classless identification of individuals who could not start to claim representation of the spirit to which they claim. Anonymous is horrible. Anyone who admits to any link to Anonymous is horrible. Anonymous is a walking, talking, fail joke without an ounce of understanding how to have a sliver of self-respect.
Anonymous is garbage.
IF a hacker is able to get by the network security and steal data, encrypted or not, they are smart enough to steal the encrypter and/or break the encryption. Its called common sense.
Sure SOE and Sony should have encrypted their data but agian that would have made little difference to someone able to pull of a data hack on a billion dollar company.
A small network break in like the one you are talking about with the teenager is just that, a small breach that would not make them aware of a bigger issue, it would make them aware of the small issue and I am sure they fixed that problem.
Having a 2007 database still up and running in 2011 is not that big of a surprise, alot of large companies still have databases up and running for the 80s (AS400 systems).
Sooner or Later