Sony has finally come clean about the "external intrusion" that has caused the company to take down the PlayStation Network service, and the news is almost as bad as it can possibly get. The hackers have all your personal information, although Sony is still unsure about whether your credit card data is safe. Everything else on file when it comes to your account is in the hands of the hackers.

In other words, Sony's security has failed in a spectacular fashion, and we're just now finding out about it. In both practical and PR terms, this is a worst-case scenario.
What did they get?

Here is the data that Sony is sure has been compromised if you have a PlayStation Network Account:

* Your name
* Your address (city, state, and zip)
* Country
* E-mail address
* Birthday
* PSN password and login name

"It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained," Sony announced. While the company claims that there is "no evidence" that credit card information has been compromised, it won't rule out the possibility.

Their advice is to be safe, rather than sorry. "If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained."
What can you do?

You are warned to keep watch over your accounts, and to be aware of your heightened risk of fraud due to the security breach. "For your security, we encourage you to be especially aware of e-mail, telephone, and postal mail scams that ask for personal or sensitive information," the company said. "Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information."

Sony has also provided a wealth of sources for data and protection against identity theft.

You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.

To be fair, Sony does apologize for the inconvenience. There is still no update on when service will be restored, but that is the least of your concerns if you have a PlayStation Network account. It's time to change your passwords, at the very least, and if you're like to be completely safe it's not a bad idea to cancel your credit or debit cards and request replacements.

We'll continue to follow this story as it develops.

http://arstechnica.com/gaming/news/2011/04/sony-admits-utter-psn-failure-your-personal-data-has-been-stolen.ars


Whoops

I guess "you get what you pay for" applies here


http://i56.tinypic.com/2hz6f61.jpg

I cant remember if I put my CC on my PS3. If so it's my old one any ways.

Aw fuck. I haven't used my PSN account in a while but I think I have some stuff out there.

Nice!!!!!

Add this to the rootkit debacle, and I think it's time to have a nice congressional pow wow about Sony! Yay!

Maybe they can group it in with grilling Apple over watching everyone's every fucking move.

I cancelled my credit card last night because of this. There were no suspicious charges on my account, but I'm not taking any chances.

4chan wins again.

Paybacks for the way Sony cracked down on that kid who hacked the root and disclosed how to do it?

I cancelled my credit card last night because of this. There were no suspicious charges on my account, but I'm not taking any chances.

Could have just requested a new CC number and kept the account open... rather than taking the hit on your credit.

4chan did this?

http://oi56.tinypic.com/2j2jjb7.jpg
ok who dun it?

4chan wins again.

4chan did this?

Paybacks for the way Sony cracked down on that kid who hacked the root and disclosed how to do it?

That's the word on the street. Or the internets, or something.

They deny it.

They issued a statement saying "For once, we didn't do it!"

Could have just requested a new CC number and kept the account open... rather than taking the hit on your credit.Well, yeah, that's what I meant. There's another CC on the way with a new number. Same account.

I have impeccable credit and just one credit card. I'm not closing that account.

Insert Witty Microsoft Comment here

Insert Witty Microsoft Comment here

I'm not saying this is what happened, but I can totally see M$ doing this as some sort of industrial espionage thing.

Of course, we know they didn't because the hackers responsible were actually successful, so M$ and Apple can both be ruled out completely. :lol:

I meant more along the lines of the Xbox Live vs PSN Argument and how they charge 50$ a month and PSN is free.

Either way im sure the Upper Echeon guys in M soft arent loosing sleep over the Sony debacle.

I was reading on my pc forum that M$ unbanned all hacked consoles. Dont know if its a flook or the real deal with M$ wanting them unbanned.

Sounds like someone large may have learned a little lesson.

Color me impressed if true.

I meant more along the lines of the Xbox Live vs PSN Argument and how they charge 50$ a month and PSN is free.

Either way im sure the Upper Echeon guys in M soft arent loosing sleep over the Sony debacle.
$5 a month..

$5 a month..

they add on a 'ginger tax' for red heads, so yes he is right

Sounds like someone large may have learned a little lesson.

Color me impressed if true.

how to bow down in the face of terrorism? :lol

The queen would be proud....

how to bow down in the face of terrorism? :lol

No foo. Not to bite the fucking hand that feeds you.

Windows became the most popular software ever, because it was also the most pirated software ever.

Now that you can't steal it, nobody buys their software anymore.

Seems counter-intuitive, but there you have it; that's the reality.

Seems like they might be learning.

Mortal Combat 9 was the most pirated game ever, because they tried to stop piracy.

The lesson: Don't be greedy. Some will steal; consider it promo.

Or (if you prefer): If it's worth stealing, it's worth buying.

Nice!!!!!

Add this to the rootkit debacle, and I think it's time to have a nice congressional pow wow about Sony! Yay!

Maybe they can group it in with grilling Apple over watching everyone's every fucking move.

Sorry to keep dragging this up...

My understanding is that Apple is NOT watching your every move, Apple products are.

If I own and possess said product, the only person that has access to those recordings is me.

Is that accurate?

Sorry to keep dragging this up...

My understanding is that Apple is NOT watching your every move, Apple products are.

If I own and possess said product, the only person that has access to those recordings is me.

Is that accurate?

Apple products are watching you = Apple is watching you

Apple products are watching you = Apple is watching youThis.

They've pretty much said that anything Apple still belongs to Apple even if you bought it.

They've pretty much said that anything Apple still belongs to Apple even if you bought it.

Ok, now we are getting somewhere.

Thanks, I didn't know that.

Where have they / do they say that?

Ok, now we are getting somewhere.

Thanks, I didn't know that.

Where have they / do they say that?

Look up lawsuits and stuff about jailbreaking iPhones and such.

Look up lawsuits and stuff about jailbreaking iPhones and such.

No thanks.

I would like to see one of the Apple haters post some type of link though.

This.

They've pretty much said that anything Apple still belongs to Apple even if you bought it.


Ummm, no... Apple lost and was humiliated by the judge when he delivered his verdict. Jailbreaking is perfect legal. You need to read up on what actually happened.

Aside from software, which is of course protected by piracy laws.

Sorry to keep dragging this up...

My understanding is that Apple is NOT watching your every move, Apple products are.

If I own and possess said product, the only person that has access to those recordings is me.

Is that accurate?

Apple claims they're not using the data. Other sources indicate the data is uploaded to Apple twice daily.

Apple claims they're not using the data. Other sources indicate the data is uploaded to Apple twice daily.

If that is true, then I can see the logic behind the uproar.

Ummm, no... Apple lost and was humiliated by the judge when he delivered his verdict. Jailbreaking is perfect legal. You need to read up on what actually happened.

Aside from software, which is of course protected by piracy laws.

I wasn't talking about the end result of the lawsuits, I was talking about what they've said in the past.

Apple claims they're not using the data. Other sources indicate the data is uploaded to Apple twice daily.

Huh? Apple said pretty clearly they were using the data.

edit: http://www.twowheelfix.com/showpost.php?p=466327&postcount=20

Huh? Apple said pretty clearly they were using the data.

edit: http://www.twowheelfix.com/showpost.php?p=466327&postcount=20

Except when they said they weren't.

:scratch:

"Apple is not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so. "

Can you say DOUBLE TALK??

Huh? Apple said pretty clearly they were using the data.

edit: http://www.twowheelfix.com/showpost.php?p=466327&postcount=20


Thank you for the informative link.

It is so much better seeing stuff like this than internet hearsay. :dthumb:

Except when they said they weren't.

:scratch:

"Apple is not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so. "

Can you say DOUBLE TALK??

"Tracking the location of your iPhone" and having anonymized location data sent to Apple are two very different things. I don't see any double talk.

The big :skep: for me is the explanation of the nature of the data itself. It may be totally true that it just logs the location of wifi hotspots and cell towers, but saying that data isn't also showing the location of your phone seems like semantics to me.

But again, if the only thing leaving my phone to go to Apple is anonymous location data, who cares? And I've got a lot more sensitive stuff on my computer than where my phone has been for the past year. If I was paranoid, I'd encrypt my phone backups.

$5 a month..

Meant to say year...And they upped it to 60 Actually but yes it's still about 5 a Month.

Except when they said they weren't.

:scratch:

"Apple is not tracking the location of your iPhone. Apple has never done so and has no plans to ever do so. "

Can you say DOUBLE TALK??Did you read the article?

The iPhone is not logging your location. Rather, it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone

The points that are plotted in the database in question are wifi hotspot and cell tower locations around you, not the actual location of you and your phone.

Did you read the article?



No, I quoted from it with my eyes closed.

No, I quoted from it with my eyes closed.

:lol:

The new south park episode about this is hilarious

No, I quoted from it with my eyes closed.You quoted one sentence, and claimed they're double-talking. Where's the double-talk? I don't see Apple being quoted anywhere admitting that they're tracking phone locations.

So, how long have you been Steve Job's gay bitch?

So, how long have you been Steve Job's gay bitch?I'm just saying show me the double-talk. I don't see it. Maybe your reading comprehension is much more superior to mine. :idk:

Maybe I read up on it a bit more than just taking Apple's word for things.

...But I'm sure they're being totally honest.

Maybe I read up on it a bit more than just taking Apple's word for things.

...But I'm sure they're being totally honest.Trust me, I'm as skeptical as they come. Got any links?

Nah, didn't save anything. I read a lot. Google it, and look on tech blogs. There's more to it than Apple is saying (shocker, I know).

Nah, didn't save anything. I read a lot. Google it, and look on tech blogs. There's more to it than Apple is saying (shocker, I know).

How can it be Apple double talk if they're not saying it?

How can it be Apple double talk if they're not saying it?

They're not saying it, TWICE!

Here, I found some links. I left out the Apple fanboy sites, to be fair:

http://techcrunch.com/2011/04/27/apple-iphone-location/

http://techcrunch.com/2011/04/27/we-translate-apples-qa-on-location-data-so-you-dont-have-to/

http://blogs.computerworld.com/18190/apple_android_location_tracking

Here's a link that will let you point at your backup directory and show you the location data that's being stored:

http://markolson.github.com/js-sqlite-map-thing/

http://www.wired.com/gadgetlab/2011/04/apple-iphone-tracking

http://www.engadget.com/2011/04/21/the-iphone-tracking-fiasco-and-what-you-can-do-about-it/

http://www.wired.com/gadgetlab/2011/04/iphone-location/

http://techcrunch.com/2011/04/21/apple-tracking-location-database/

Oh look, Android does it too:

http://techcrunch.com/2011/04/22/google-responds-to-smartphone-location-tracking-uproar-says-android-is-opt-in

I know the Droid does it too.

See "non-smart-phone" thread, for why I have a phone, that's a fucking PHONE, and I use it to make PHONE CALLS.

If you wanna carry a tracking device, knock yourselves out.

If you gave me an iPhone, I'd sell it.

How can it be Apple double talk if they're not saying it?

We track your cell and wifi logons, but no, we don't track your phone?

Really? Man, I wish I was selling shit, I have a feeling I could sell you fucking anything.

:bash:

Turn your phone off (heaven forbid) if you're worried.

BTW, turn fucking geo-tagging off if you're taking pics.

We track your cell and wifi logons, but no, we don't track your phone?

Really? Man, I wish I was selling shit, I have a feeling I could sell you fucking anything.

:bash:The geo points in the database are the locations of cell phone towers and wifi hotspots, not the location of the phone itself. You claim otherwise, but offer no proof.

The website I've found just plots the points on a map. There is no other information given (date/time/etc). Either the website doesn't support it, or the data isn't logged. It's simply points on a map.

Triangulation of your location based on tower/wifi spots is pretty inaccurate. The only way to get truly accurate location data on the device is through GPS. The GPS only turns on when needed by apps. Running the GPS 24/7 to log true device position data would drain the battery in a hurry, just like running a turn-by-turn navigation app constantly without an external power source. The iPhone 4 is only good for a few hours like that.

SO they're spying on me, but they're not doing it very well or accurately?

You're a fucking genius.

We track your cell and wifi logons, but no, we don't track your phone?

Really? Man, I wish I was selling shit, I have a feeling I could sell you fucking anything.

:bash:

I'd point out (again) that the data being sent to Apple is claimed to be anonymous, but I don't think it'd get through your tinfoil hat (again).

If Apple is tracking my phone, then I should be able to go to Apple somewhere and find specific location data in Apple's hands that I can link to my phone. Apple says that's not the case. Ergo, Apple is not tracking my phone.

I wish you'd sell me some of the shit you're smoking, because it seems to dull the wits quite nicely.

I'd point out (again) that the data being sent to Apple is claimed to be anonymous, but I don't think it'd get through your tinfoil hat (again).

If Apple is tracking my phone, then I should be able to go to Apple somewhere and find specific location data in Apple's hands that I can link to my phone. Apple says that's not the case. Ergo, Apple is not tracking my phone.

I wish you'd sell me some of the shit you're smoking, because it seems to dull the wits quite nicely.

That's your argument? You can't find a link to it, so it doesn't exist?

Ok, now that I'm home, here's the location data that's currently on my phone. Now, tell me, what can you do with it? Pretty much nothing, except see approximately where I've been.

The big picture:
https://lh6.googleusercontent.com/_QWsg00m5hZg/Tbv5mmesA-I/AAAAAAAAGZk/vbrSrp4fvwY/s800/2011-04-30_065431.jpg

Zoomed way in somewhere:
https://lh6.googleusercontent.com/_QWsg00m5hZg/Tbv5mwjL7yI/AAAAAAAAGZo/1z09G_FJ1Mg/s800/2011-04-30_065620.jpg

Now, I've never been inside all those buildings. They're either wifi hotspots, or cell towers.

You can't see when I was in the area, which way I was going, latitude/longitude, or speed I was traveling. There's not even a line tracing my path, like a GPS track.

They are points on a map; that's it.

Alone, this data may indeed mean next to nothing.

In aggregate with other data, and perhaps unique knowledge, however, this information, if stolen, could possibly be used to verify places of employment, where you live, and what times you can be found exactly where...thus, you could easily be targeted for theft, or worse.

You can defend this shit all you want, it's still not kosher what they did. I know it's not just them, but it's still not right.

I don't care what Billy does, if Billy jumped off a bridge...

How would it verify places of employment or where you live? It's just showing the closest hotspots. There could be 100 employers near that hotspot.

And I am calling BS on the dots in the Carribbean :redflip

And I am calling BS on the dots in the Carribbean :redflip
Call BS all you want. I go on a cruise every year. There's cell service there.

How would it verify places of employment or where you live? It's just showing the closest hotspots. There could be 100 employers near that hotspot.

Exactly. I just zoomed way in to where I work and live, and the points don't even come close. It doesn't even show the wifi I have at home, probably because it's secured.

Exactly. I just zoomed way in to where I work and live, and the points don't even come close. It doesn't even show the wifi I have at home, probably because it's secured.

Not everyone works in high density areas. This could easily track the movements of rural area individuals, especially those working in secure rural area employment positions where it would be very easy to monitor their habits.

You guys write too much of your privacy as "meaningless."

Since Apple has full control of the gps chip in the iphone since you have no way to turn it off in nonjailbroken form, it could easily build tracking into that as well.

Call BS all you want. I go on a cruise every year. There's cell service there.
As in cruise ships? I thought only senior citizens do that :lol:

As in cruise ships? I thought only senior citizens do that :lol:It's more fun than you think.

As in cruise ships? I thought only senior citizens do that :lol:

People who like structure really dig it.

They tell you exactly what to do, and when. It's all on a time schedule.

Moo. Bah.

People who like structure really dig it.

They tell you exactly what to do, and when. It's all on a time schedule.

Moo. Bah.

Not anymore. They got all this flex scheduling shit, the only problem with that is the quality has gone down considerably.

It's basically a moving Sandals resort. There are different cruise lines for different age groups/families. Holland America is the old folks home. Carnival is where the slutty party animals are. Disney/Royal Caribbean for families. Celebrity for 30 somethings.

Meh, I played a couple of tours. Sucked. NCL.

Call BS all you want. I go on a cruise every year. There's cell service there.

Great, now with that info, all I need to have is access to your phone via a trojan, and I can go rip you off while you're on vacation (remember the trojan gave me access, I know your address, or I'm perhaps someone you've befriended online with less-than-honorable intentions).

See how easy it is to "enable" bad shit to happen by simply leaving leaky info lying about?

If someone puts two and two together, perhaps with a geo-tagged image you shared online, you're hosed.

I'm not that stupid, but many are.

Accessing my phone via a trojan (which isn't happening - I'm not that stupid) will only tell you where my phone has been. Not when. It's not going to tell you when I'm out of town and I simply don't advertise that information except to the person that is watching my house while I'm gone. I have a house sitter anyway, my pets are pretty high maintenance and someone pretty much has to live here while I'm gone.

The info isn't just "lying about". If I encrypt my iPhone backups, you can't get into it on my computer. The trojan thing you mentioned just isn't going to happen to me. I know my way around computers all too well for that to even be a concern.

Again, there's no information in here other than points on a map. There's no date, no time, etc.

It would be easier to just case my house and figure out when I'm gone.

If you break in to my house and don't get mauled by dogs or shot, help yourself. It's only stuff. That's what homeowner's insurance is for.

Now, if you kick the door down while I'm home, that's an entirely different matter.

If I have to point out a specific hypothetical in order for you to understand that this is too much information, and is being handled too cavalierly, in order for you to grasp that it's a security risk, then you're not a very sharp individual, able to think things through both backwards and forwards for your own protection.

Good luck. Yeah, you're waaaaay too sharp to get a trojan ;)

That's your argument? You can't find a link to it, so it doesn't exist?

Huh?

Some people took issue with Apple saying "we are not tracking the whereabouts of your iPhone," since the location data was being saved and being sent to Apple on a regular basis.

Of course the data exists. I'm saying that if the only thing Apple is receiving is the location of cell towers and wifi hotspots in some anonymous manner that can't be linked back to an individual phone, then Apple really isn't tracking my phone.

You wanna argue that collecting the data is a bad idea to begin with? Knock yourselves out. Different strokes for different folks and all that. I don't care too much, but I can see how others might.

And jtemple, I'm pretty sure when this all came out, they showed the database of saved location data has timestamps, too. (It wouldn't be very useful info about currently active coverage if it didn't.)

"Apple to fix location tracking bug in iOS 4.3.3; due out soon"

http://www.bgr.com/2011/05/02/apple-to-fix-location-tracking-bug-in-ios-4-3-3-due-out-soon/

It's a bug? I thought it was a "feature".

:skep:

It's a bug? I thought it was a "feature".

:skep:

It was a feature, now its a bug because people are angry about it.

Actually they are just gonna rename the folder the location data is saved in, sources close to Apple insists that the folder will be named Cortney Love naked to keep people from actually looking in it. (J/K)

another 25 million accounts hacked.

http://news.yahoo.com/s/ap/us_tec_sony_hacker_attack

Yup.. changed my CC# because of this.. I hate resetting the card everywhere..