If it wasn't so serious for PSN users, third-parties, related companies and Sony itself, then the following 'Timeline Update' for the PlayStation's online system would be hilarious in its complete lack of information
"I know you all want to know exactly when the services will be restored. At this time, I can’t give you an exact date, as it will likely be at least a few more days. We’re terribly sorry for the inconvenience and appreciate your patience as we work through this process."
So says the beleaguered Head of Communications at Sony Computer Entertainment Europe, Nick Caplin on the PlayStation Blog.
In short, "Leave us alone to get on with it palllleeeese!"
At least SCEE is 'on message' with SCEA whose Senior Director of Corporate Communications & Social Media, Patrick Seybold, says: "I know you all want to know exactly when the services will be restored. At this time, I can’t give you an exact date, as it will likely be at least a few more days. We’re terribly sorry for the inconvenience and appreciate your patience as we work through this process."
Yup, totally on message.
"I know you all want to know exactly when the services will be restored. At this time, I can’t give you an exact date, as it will likely be at least a few more days. We’re terribly sorry for the inconvenience and appreciate your patience as we work through this process."
So says the beleaguered Head of Communications at Sony Computer Entertainment Europe, Nick Caplin on the PlayStation Blog.
In short, "Leave us alone to get on with it palllleeeese!"
At least SCEE is 'on message' with SCEA whose Senior Director of Corporate Communications & Social Media, Patrick Seybold, says: "I know you all want to know exactly when the services will be restored. At this time, I can’t give you an exact date, as it will likely be at least a few more days. We’re terribly sorry for the inconvenience and appreciate your patience as we work through this process."
Yup, totally on message.
Companies:
Sony
Read More Like This
Comments
miffy_swans 11 May 2011 11:42
1/8
i will never ever trust sony again, what a bunch of amatures they are, not protecting our credit card details is absolutley shocking!!! bye bye sony and hello XBOX 360
DrkStr 11 May 2011 12:13
2/8
@miffy_swans Our credit card details were protected, by firewalls, up-to-date software and encryption. Stop spreading lies!
more comments below our sponsor's message
dappa1975 11 May 2011 14:08
3/8
sony are sorting it out - I tell you guarantee that it wont happen again.
plomn350z 11 May 2011 15:20
4/8
im sick of hearing all these people complaining about this fair doos they had a breach but hey s**t happens least theyre taking there time to improve so this cant happen again if ur that pissed an wanna switch to xbox fine bugger off shows how much you supported sony in the first place
thedude 12 May 2011 02:20
5/8
@DrkStr you should stop spreading lies. I was sent an e-mail from sony that claimed my credit card info had possibly been accessed. Goodbye PSN, wake up DrkStr and join the force. Xbox gained another.
miacid 12 May 2011 07:44
6/8
@thedude Everything is DrkStr said is true, SPOnG even ran an article about it I believe, try reading up on these first:
Opinion// PlayStation Network Hack Analysis
Opinion// PlayStation Network & the Credit Card Theft Storm
The truth of the matter is it appears Sony did everything correctly to secure our data, yes it might be true that encrypted credit card details were stolen but they won't have the CVV number (last 3 digits on the back of your card, you get asked for when making an online transaction), plus if people have setup a SecureCode with MasterCard of Visa, it is going to make these card details even hard to use.
At the end of the day we have to take as much responsibility for our own protection as much as the company we trust with out data.
Opinion// PlayStation Network Hack Analysis
Opinion// PlayStation Network & the Credit Card Theft Storm
The truth of the matter is it appears Sony did everything correctly to secure our data, yes it might be true that encrypted credit card details were stolen but they won't have the CVV number (last 3 digits on the back of your card, you get asked for when making an online transaction), plus if people have setup a SecureCode with MasterCard of Visa, it is going to make these card details even hard to use.
At the end of the day we have to take as much responsibility for our own protection as much as the company we trust with out data.
DrkStr 12 May 2011 07:59
7/8
thedude wrote:
@DrkStr you should stop spreading lies. I was sent an e-mail from sony that claimed my credit card info had possibly been accessed. Goodbye PSN, wake up DrkStr and join the force. Xbox gained another.
I got the same email. I also read the other announcements that clarified what was said in that email.
The credit card database was encrypted, but Sony can't rule out the fact that the hackers may have looked at it and extracted some of the encrypted data. The encrypted database was held on a back-end server, separate from the ones that run the PSN application. All the servers were behind up-to-date firewalls.
If hackers did access the encrypted data then it would take years to crack the encryption without the encryption keys. And even if they had those keys, or managed to crack the encryption without them, they still wouldn't have the security code that is required to make an online purchase.
Our credit card details are actually pretty safe, it's the way these systems are designed, even if they are hacked and the data is stolen, it's still not usable by the hackers.
config 12 May 2011 09:05
8/8
@miffy_swans a database full of card details secured using AES-256 and industry standard encryption techniques is pretty much useless - without the encryption keys and knowledge of other factors used in the encryption process it may as well be a blank database.
Sure you could try to brute force open the encryption with a ton of computing power, but it'd be unlike to get a result inside your lifetime and that would only give you a single card number - all the others would need the same amount of time (again, assuming the recommended approach is taken and it's not just secured with a single password)
From Wikipaedia
So frankly, it would cost so much and take so long - why bother? There's other lower hanging, less secure card data out there for hacker to have at - but you probably won't hear about those intrusions.
Sure you could try to brute force open the encryption with a ton of computing power, but it'd be unlike to get a result inside your lifetime and that would only give you a single card number - all the others would need the same amount of time (again, assuming the recommended approach is taken and it's not just secured with a single password)
From Wikipaedia
"A device that could check a billion billion (1018) AES keys per second (if such a device could ever be made) would in theory require about 3×10^51 years to exhaust the 256-bit key space"
So frankly, it would cost so much and take so long - why bother? There's other lower hanging, less secure card data out there for hacker to have at - but you probably won't hear about those intrusions.