back to article Sony closes PC games site over security 'concern'

Sony shut down its website for online PC games on Monday, almost two weeks after it closed the PlayStation Network following a criminal intrusion that stole personally identifiable information from 77 million account holders. The move by Sony Online Entertainment affects online playing of games such as Everquest, Dungeon …

COMMENTS

This topic is closed for new posts.
  1. Getter lvl70 Druid

    Damn...

    ...Sounds like a bonus double XP weekend coming up.... You would think due to the internet exposure of Station, there would be a little more attention and security paid to it. Ah well.

    Made the switch to purchasing game cards rather than letting SOE bill me a while back because of funny things occurring amongst my EverQuest accounts - this justifies the effort nicely.

    1. bikerboi87

      title not required

      It already is a double XP weekend. Was looking forward to a day of Star Wars Galaxies....

      Might have to copy your idea of the game cards though.....

  2. Oninoshiko
    Grenade

    Sony needs to track down the bastards that did this....

    and hire them.

  3. HiTechBrew.com

    I hope they track them down! How to secure your password(s)...

    Very troubling news. Make sure you you've also changed your passwords and use strong passwords that are unique to each system and service. How is the difficult part... I use LastPass and the techniques found here -> http://hitechbrew.com/password-recreational-browsing/

    1. Daniel B.
      FAIL

      Bad Luck Moment

      I've been doing that with all new website logins, and those that I remember about. Unfortunately, my PSN account and the Twitter one weren't on my "sensitive" list. They shared the same password. That would explain the mystery twits sent under my account sending spam about "make more money!" about 2 weeks ago.

      Now I still can't get to reset my password on the PSN. Damn!

  4. David Schmidt
    Pirate

    Who's crime is it, anyway?

    "...following a criminal intrusion" - who has committed the crime here? The charlatans storing customer details in cleartext, or the crims who swiped them? Perhaps both?

  5. Sam Liddicott

    Sony must really be wondering...

    Sony must really be wondering if it was worth it.

    I'm sure any other megacorp is having second thoughts about on the iron fist.

    The general plan is to keep people wanting to give you money.

    Sony failed, and now meta-failed by making big enemies - who, by not being commercial enemies, weren't "on their radar" in a business sense but should have been.

  6. Martin Lyne

    Station

    From my PlanetSide days, I remember Station.com being a bloody nightmare. If something feels that ropey to use, probably set up just as shambolically.

    Same thing I feel when using Codemasters' website. Sigh.

  7. Anonymous Coward
    Grenade

    I COULD care less, but

    That would take more effort than it's worth.

  8. Anonymous Coward
    Anonymous Coward

    You liars, Sony...

    Sony have changed their statement yet again...!

    http://blog.us.playstation.com/2011/05/02/playstation-network-security-update/

    >But I want to be very clear that the passwords were not stored in our database in cleartext form

    Even though they openly said that they weren't encrypted a week ago.

    Maybe they should move out of the entertainment industry and become politicians. I'm sure they'd be good at it.

    1. Anonymous Coward
      Anonymous Coward

      Haven't changed their statement

      Yes, not encrypted.

      Yes, not stored as plain text.

      Yes, stored as hash (like many sites).

      Yes, because of hash, weak passwords with known hashes are vulnerable (not sure if they salted the passwords before hash. If so a little better until someone works out the salt).

  9. Mikel

    Not Sony's year

    They're just having all sorts of bad press these days.

  10. Anonymous Coward
    FAIL

    I wonder....

    ..if Sony have checked for any rootkits on their systems?

    1. foo_bar_baz
      Thumb Up

      Oh yeah

      This made me snort.

  11. Doug Glass
    Paris Hilton

    Do Tell

    And all those poor trusting souls have been denied their games. Not to mention the root kit specialists letting the data get out for a second time.

    Boy ah surely am glad this good ol' boy dumped all things Sony a while back. Made money doin' it too.

    Paris because we all know a sucker when we see one.

  12. Anonymous Coward
    Anonymous Coward

    Re:Not encrypted

    A week ago they were saying the PSN passwords were not encrypted, the SOE system is entirely separate as a division. PSN != SOE, or for the less technical of you PSN <> SOE, or for the even less technical "they're bloody different systems you morons!"

    Paypal is owned by eBay. Does this mean that what applies to one always has to apply to the other? Yes there is a fair chance they share code and procedures but there is equally good chance they differ in significant ways. They also own Skype, does this mean that Skype's servers and those of Paypal run with the same kind of security measures? Heck no.

    1. Rob Moir

      If they're different systems...

      then that just makes the problem worse. That means that two separate systems were broken into

  13. Anonymous Coward
    Unhappy

    Why would anyone trust a company...

    ...that puts rootkits on customers' machines?

    1. Paul 129

      Options

      Hmm let me see. Nintendo (Twee). M$ The evil empire. Or Sony DRM everything, even if its not theirs.

      For a company that tries to push DRM down your throats, this fail must really hurt.

  14. Gordon861

    Got Email Today

    I got an email from Sony this morning ...

    "We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack. Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password. Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) – we will be notifying each of those customers promptly."

    Oh shit ...

    So how can they possibly ever open the system up again?

    As soon as they open it up the hackers will probably be trying to us the login details to hijack the accounts.

    The only thing they could possibly do would be to send you an email to the listed email address to allow you to change passwords before making the game servers live again, but you can bet the hackers will also be sending out very similar emails in the next few weeks.

    So they may have to resort to old style snail-mail to contact all the account holders as this is the only possible way they can guarantee that the right person gets the contact.

    I knew SOE/Sony were a shit company after the way they treated us during the SWG NGE mess, but I never knew they would be this bad.

  15. Crofty616
    FAIL

    In an email from them this morning:

    "Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) – we will be notifying each of those customers promptly."

    Fun times!

This topic is closed for new posts.

Other stories you might like