Sign in with
Sign up | Sign in

Hackers Trying to Sell PSN Data, Incl Credit Cards

By - Source: NYT | B 55 comments

If you have a PSN account, there's a good chance that hackers who infiltrated Sony's systems in the intrusion this month stole your personal information.

Now there are murmurs on the internet from those who wish to sell the information that they claimed to have come from PSN. Most frightening is that those who claim to have their hands on this information say that they also have credit card data.

Sony assured its PSN users that credit card data was encrypted and did not appear to be stolen, so at this point it's difficult to verify what is the truth.

Trend Micro security expert Kevin Stevens posted on Twitter:

The hackers that hacked PSN are selling off the DB. They reportedly have 2.2 million credits cards with CVVs

Supposedly the hackers selling the DB says it has: fname, lnam, address, zip, country, phone, email, password, dob, ccnum, CVV2, exp date

No, I have not seen the DB so I can not verify that it is true

Like many things on the internet, this could just be just a fake bundle of information. In any case, if you had a PSN account, then you should be high alert for potential identity theft and fraud.

Discuss
Ask a Category Expert

Create a new thread in the Streaming Video & TVs forum about this subject

Example: Notebook, Android, SSD hard drive

This thread is closed for comments
  • 2 Hide
    jgalecio , May 1, 2011 4:51 AM
    No they have the CC info. Like I said a few days ago someone tried to transfer $4k from my buddies savings on an account he set up with PSN. I am calling Chase now to change all my stuff and am not setting up another PSN account ever. Thanks Sony you buttholes.
  • 3 Hide
    slayer10000 , May 1, 2011 5:08 AM
    ya you know what i hate to say this but any where you make account you have the chance of it getting hacked cause hackers have stopped going after banks but go after lower companys like gaming psn,xbox live ,blizzard the list goes on cause at the end of the day they dont have level of security that the banks have and safe guards
  • 6 Hide
    alextheawesome , May 1, 2011 5:16 AM
    Quote:
    In any case, if you had a PSN account, then you should be high alert for potential identity theft and fraud.


    It's funny, because if you go on the Playstation forums you'll see that most of the posters are more concerned about not being able to play their precious CoD or if they'll actually get cross game chat after this is all done.
  • Display all 55 comments.
  • 3 Hide
    senlis , May 1, 2011 5:23 AM
    alextheawesomeIt's funny, because if you go on the Playstation forums you'll see that most of the posters are more concerned about not being able to play their precious CoD or if they'll actually get cross game chat after this is all done.


    I have never bought anything on PSN, so I am not personally concerned with that. The only way PSN being down has affected me is that I cannot launch Netflix because, for some reason, Netflix makes you log into PSN.
  • 4 Hide
    kinggraves , May 1, 2011 5:47 AM
    Alright, well I have a feeling those posts are bluffs because they claim they even have CVVs. CVV2s are like the pin numbers of online transactions, they aren't meant to be saved or stored, so Sony shouldn't have that info in their databases. If they DID however save the CVVs, they made a huge mistake and should be completely liable for the mass fraud. Really, anyone can potentially be hacked in this way, and even encrypted info can be cracked, but leaving the secret code in the same spot is just asking for disaster. Keep in mind people could be trying to stir up trouble, so I'll believe it when I see it, but if this is all true, it's going to do serious damage to Sony's business.

    Maybe I'll be able to get one of those new Sony tablets for dirt cheap and drop a hacked version of PS Suite on it.
  • 0 Hide
    skyline100 , May 1, 2011 5:53 AM
    Hackers are rich!
  • 0 Hide
    alhanelem , May 1, 2011 6:49 AM
    luckily i got a PS3 AFTER psn went down... unluckily my ps3 got a ylod.... BUT luckily i fixed my ps3 using an oven.... dont ask...
  • 1 Hide
    TunaSoda , May 1, 2011 7:08 AM
    senlisI have never bought anything on PSN, so I am not personally concerned with that. The only way PSN being down has affected me is that I cannot launch Netflix because, for some reason, Netflix makes you log into PSN.

    You can get into Netflix fine still, just let the psn login fail twice, hitting back both times, works like a charm ;) 
    My CC info was not in their feeble database as you cannot use ANY CC's that are attached to PO boxes...
  • -1 Hide
    aaron88_7 , May 1, 2011 7:12 AM
    slayer10000ya you know what i hate to say this but any where you make account you have the chance of it getting hacked cause hackers have stopped going after banks but go after lower companys like gaming psn,xbox live ,blizzard the list goes on cause at the end of the day they dont have level of security that the banks have and safe guards

    You're living in a world of naïveté if you think hackers don't go after banks. Just because you don't read about them being hacked in the news doesn't mean it isn't happening. I'd be willing to bet security breaches at banking sites is much more common than most people could imagine.
  • 1 Hide
    senlis , May 1, 2011 7:25 AM
    aaron88_7You're living in a world of naïveté if you think hackers don't go after banks. Just because you don't read about them being hacked in the news doesn't mean it isn't happening. I'd be willing to bet security breaches at banking sites is much more common than most people could imagine.


    Thanks. I'll have to try that.
  • -4 Hide
    Anonymous , May 1, 2011 7:38 AM
    Play Call fo duty and crysis online with your PC with this MOD http://surreystore.com/Forums/pc-gaming/
  • 1 Hide
    TheWhiteRose000 , May 1, 2011 9:06 AM
    And this is why I am a PC gamer.
    ENTERTAINMENT!!!

    XD
  • 3 Hide
    memadmax , May 1, 2011 10:43 AM
    And the PC Gamers march on.........
  • 3 Hide
    vk_87 , May 1, 2011 10:45 AM
    Read this news already on another site. they are calling this a bluff by the hackers to put pressure on sony.
  • 0 Hide
    therandomuser , May 1, 2011 10:47 AM
    Ahh... Thank all the deities that I'm a PC man who loves his Steam. That and I still prefer to have the CD/DVDs before the digital download.

    Still though, sucks to be Sony right now. I can see this as their game breaker, pun somewhat intended. Who knows? Maybe W1+1 (don't like the sound of Wii2 or Wiiii) v Windows+XBox 720 will be the new gaming battle.

    As this console generation is reaching it's end life, we shall reminisce on overheating game consoles, barring the Wii, and some funky motion control catch-up from the Move/Kinect.
  • 1 Hide
    Ragnar-Kon , May 1, 2011 11:25 AM
    therandomuserStill though, sucks to be Sony right now. I can see this as their game breaker, pun somewhat intended. Who knows? Maybe W1+1 (don't like the sound of Wii2 or Wiiii) v Windows+XBox 720 will be the new gaming battle.As this console generation is reaching it's end life, we shall reminisce on overheating game consoles, barring the Wii, and some funky motion control catch-up from the Move/Kinect.

    Does suck to be Sony. Seemed they were almost to the point where they would put their bad press from lawsuits against hacker(s) behind them, and then this happens. Its a shame to, because the PS2 was one of the greatest, if they THE greatest system of all time (even though I didn't like it). The PS3 has been rocky since launch. The only really positive thing about the PS3 was the fact that PSN was free (minus PS Plus), but that doesn't do them any good if the PSN network is down. Luckily for Sony, I know tons of people who have bought the PS3 for the sole purpose of it being their Bluray/Netflix player.

    At the same time, they should have designed their network better. Not so hackers couldn't get in, because hackers will always find a way in. But they should have at least encrypted ALL private user information--it is just something that needs to be done, no matter what.

    Having said that, I highly doubt the hackers actually have credit card information. Seems to me they are just pretending like they have information to put further pressure on Sony. And if Sony really didn't encrypt credit card information, then I would suspect whoever is in charge of PSN security will be losing their job soon.

    But it is a good time to be a PC user. Games are cheaper, don't have to pay for some online service thing (Xbox Live), and the cooling of my system is completely up to me.
  • 0 Hide
    makaveli316 , May 1, 2011 12:35 PM
    I hope more hackers do the same with Xbox 360 accounts (i have a 360, no pc fanboy here), so maybe pc games developers will reserve more of their potential for the PC games. I want pc games like they used to be. I'm tired of this stupid kids console world.
  • 2 Hide
    jgalecio , May 1, 2011 12:41 PM
    kinggravesAlright, well I have a feeling those posts are bluffs because they claim they even have CVVs. CVV2s are like the pin numbers of online transactions, they aren't meant to be saved or stored, so Sony shouldn't have that info in their databases. If they DID however save the CVVs, they made a huge mistake and should be completely liable for the mass fraud. Really, anyone can potentially be hacked in this way, and even encrypted info can be cracked, but leaving the secret code in the same spot is just asking for disaster. Keep in mind people could be trying to stir up trouble, so I'll believe it when I see it, but if this is all true, it's going to do serious damage to Sony's business.Maybe I'll be able to get one of those new Sony tablets for dirt cheap and drop a hacked version of PS Suite on it.


    Hate to say this but Sony messed up on the CVV. You know why? Because when you create your PSN account and link a CC you are asked to put in the CVV. After that you are never asked the CVV again and just make purchases. Every other place I have ever shopped required me to use the CVV each and every time I made a purchase as most practices (except for Paypal) does not save any of your CC info except for shipping address. So yes they shoud have asked for CVV one time to verify CC info, but some bank may require the use of the CVV for security so Sony has to have it stored if a consuer adds funds to their PSN wallet with out being asked for the CVV ever again.
  • 2 Hide
    Anonymous , May 1, 2011 1:00 PM
    hahahahahahahha at all the SONY fan boys
  • 1 Hide
    Anonymous , May 1, 2011 1:04 PM
    The CVV is requested only the first time to authenticate to your individual console. Unnecessary to request again.
Display more comments
Tom’s guide in the world
  • Germany
  • France
  • Italy
  • Ireland
  • UK
Follow Tom’s guide
Subscribe to our newsletter
  • add to twitter
  • add to facebook
  • ajouter un flux RSS