Check your CCs and redo your PWs. They were stolen from SOE.
That sucks.
Edited, May 4th 2011 12:57pm by DSD
- Forums
- Cross Site
- The Asylum
- Heyyyy! Any of you ever play SOE games?
Heyyyy! Any of you ever play SOE games?Follow
More info here.
http://www.zam.com/forum.html?forum=22&mid=1303958011125432678&page=1
http://www.zam.com/forum.html?forum=22&mid=1303958011125432678&page=1
Shaowstrike (Retired - FFXI)
91PUP/BLM 86SMN/BST 76DRK
Cooking/Fishing 100
"We don't just borrow words; on occasion, English has pursued other languages down alleyways to beat them unconscious and rifle their pockets for new vocabulary."
— James D. Nicoll
91PUP/BLM 86SMN/BST 76DRK
Cooking/Fishing 100
"We don't just borrow words; on occasion, English has pursued other languages down alleyways to beat them unconscious and rifle their pockets for new vocabulary."
— James D. Nicoll
Yeah, olde topic is olde 
Luckily I've never actually subscribed to any, so my CC info is safe. And I already lost my email and such from the PSN hack.
IDrownFish wrote:
Anyways, you all are horrible, @#%^ed up people
lolgaxe wrote:
Never underestimate the healing power of a massive dong.
LockeColeMA wrote:
Yeah, olde topic is olde
If it wasnt posted here, I didnt see it :p
DSD wrote:
LockeColeMA wrote:
Yeah, olde topic is olde
If it wasnt posted here, I didnt see it :p
Haha, and truthfully it's only a week or so old. It's a pretty big deal - a friend of mine had his CC info stolen, and this is the most likely explanation.
DSD wrote:
Check your CCs and redo your PWs. They were stolen from SOE.
That sucks.
Edited, May 4th 2011 12:57pm by DSD
That sucks.
Edited, May 4th 2011 12:57pm by DSD
Argh. I hadn't heard this, so thanks. No activity on my old card, but might as well cancel it now anyway...I almost never use it.
I was just about to join so I could get dino crisis, now I have to wait.
I hope no one steals my old EQ Shadowknight!
Belkira wrote:
Wow. Regular ol' Joph fan club in here.
It sounds like the most they made off with was names, addresses and possibly some really old Euro CC info -
This is about their PC games though. Not sure if this also applies to PSN.
http://www.soe.com/securityupdate/ wrote:
Our ongoing investigation of illegal intrusions into Sony Online Entertainment systems has discovered that hackers may have obtained personal customer information from SOE systems. We are today advising you that the personal information you provided us in connection with your SOE account may have been stolen in a cyber-attack. Stolen information includes, to the extent you provided it to us, the following: name, address (city, state, zip, country), email address, gender, birthdate, phone number, login name and hashed password.
Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) and about 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain may have also been obtained. We will be notifying each of those customers promptly.
There is no evidence that our main credit card database was compromised. It is in a completely separate and secured environment.
Customers outside the United States should be advised that we further discovered evidence that information from an outdated database from 2007 containing approximately 12,700 non-US customer credit or debit card numbers and expiration dates (but not credit card security codes) and about 10,700 direct debit records listing bank account numbers of certain customers in Germany, Austria, Netherlands and Spain may have also been obtained. We will be notifying each of those customers promptly.
There is no evidence that our main credit card database was compromised. It is in a completely separate and secured environment.
This is about their PC games though. Not sure if this also applies to PSN.
Jophiel wrote:
I hope no one steals my old EQ Shadowknight!
Sorry, too late.
I'm reeling in the gnolls over here.
I dunno. I heard it affdected all SOE and even EQ2 has been shut down indefinitely =(
DSD wrote:
I dunno. I heard it affdected all SOE and even EQ2 has been shut down indefinitely =(
Yeah, all SOE games are offline until they can fix this. I think they might try to bring them back up tonight, but that's not for sure.
I've been playing everquest and eq2 off and on since beta. Just switched all my cards over in case. I am definitly not thrilled about this. I see SOE getting sued out of existance as a very real possibility too, which could mean the end of everquest as we know it entirely. Sure an outside hacker was to blame, but somewhere along the line, someone at SOE had to have ****** up to an incredible degree to have even allowed this to occur.
Arch Duke Kaolian Drachensborn, lvl 95 Ranger, Unrest Server
Tech support forum | FAQ (Support) | Mobile Zam: http://m.zam.com (Premium only)
Forum Rules
Tech support forum | FAQ (Support) | Mobile Zam: http://m.zam.com (Premium only)
Forum Rules
Great, now someone's going to drain the last 13 cents from my bank account.
I haven't played an SOE game in so long, I'm pretty sure any CC info they might have taken is expired by now.
People don't like to be meddled with. We tell them what to do, what to think, don't run, don't walk. We're in their homes and in their heads and we haven't the right. We're meddlesome. ~River Tam
Sedao
Sedao
what games does SOE do? nvm they probably suck anyway.
HEY GOOGLE. **** OFF YOU. **** YOUR ******** SEARCH ENGINE IN ITS ******* ****** BINARY ***. ALL DAY LONG.
Dread Lörd Kaolian wrote:
I've been playing everquest and eq2 off and on since beta. Just switched all my cards over in case. I am definitly not thrilled about this. I see SOE getting sued out of existance as a very real possibility too, which could mean the end of everquest as we know it entirely. Sure an outside hacker was to blame, but somewhere along the line, someone at SOE had to have @#%^ed up to an incredible degree to have even allowed this to occur.
The bad PR alone would be bad enough but today I've read that McPhadden Samac Tuovi, a Toronto law firm, has proposed a class action lawsuit against Sony Japan, Sony USA and Sony Canada for breach of privacy. The lawsuit claims damages in excess of $1 billion, including the cost of credit monitoring services and fraud insurance for those affected for two years.
Sued out of existence indeed
Donbayne 100 Rng - Uinian 100 Dru - Breru 100 Sk - Nyenie 82 Brd - Ruusan 76 Clr - Braru 75 Mag - Syqen 100 Shm EQ Stromm/Luclin
They got logins as well, but not passwords, and also email addresses. So watch out for any phishing scams, and change any passwords you might have had emailed (assuming you don't do that right away, which most of us would, I'm sure).
In a time of universal deceit, telling the truth is a revolutionary act.
I saw a lengthy article detailing why a class action lawsuit is actually essentially pointless in this case.
In a class action suit, you actually need to give adequate evidence of damages. That's nearly impossible in this case--how do you quantify how much your name, email and address are worth? The credit cards are obviously worse, but it works in Sony's favor that the database they lost was from 07/08 or something. Few of those are still valid.
And the fact remains that it is quite easy to cancel those cards and request a new one. So a court isn't going to really care. It isn't like it was a database of SSNs that was lost.
On top of that, you need to prove that Sony's actually liable for the breach, which is going to be incredibly difficult. No system is unbreakable as long as it is connected to a network--it's a crappy truth about the world. Unless there's a clear sign of negligence somewhere, a court probably isn't going to hold Sony responsible.
Really, the strongest claim people actually have is that Sony's delay in alerting customers might have compromised some subscribers further. But that's still not something that you can really quantify into actual damages.
Now add in the fact that they've brought in gov't agencies and private security firms to investigate the attack, and it's going to be even harder to make a case against them. Especially since neither of them are likely to publicly state that Sony was at fault, and why, to the public.
Finally, afaik, the PSN and SOE hacks were actually separate attacks that happened at the same time (and those two databases are separate entities). That lends support to Sony's claim, as their resources were spread thin right from the start in dealing with multiple breaches. It also suggests that the attackers were a large, well-equipped group, such that they could manage such a huge job.
Realistically, their biggest concern at this point is PR. Which is significant in and of itself. The fact that they have some of the worst I've seen won't to help their case. They should have alerted customers no later than the day after they confirmed a hack.
The minute I found out, I enabled a 2-step login on my gmail. Luckily, I've been in a slow process over the past few months of changing all my passwords anyway, so few of them are the same as my PSN password.
Edited, May 4th 2011 7:41pm by idiggory
In a class action suit, you actually need to give adequate evidence of damages. That's nearly impossible in this case--how do you quantify how much your name, email and address are worth? The credit cards are obviously worse, but it works in Sony's favor that the database they lost was from 07/08 or something. Few of those are still valid.
And the fact remains that it is quite easy to cancel those cards and request a new one. So a court isn't going to really care. It isn't like it was a database of SSNs that was lost.
On top of that, you need to prove that Sony's actually liable for the breach, which is going to be incredibly difficult. No system is unbreakable as long as it is connected to a network--it's a crappy truth about the world. Unless there's a clear sign of negligence somewhere, a court probably isn't going to hold Sony responsible.
Really, the strongest claim people actually have is that Sony's delay in alerting customers might have compromised some subscribers further. But that's still not something that you can really quantify into actual damages.
Now add in the fact that they've brought in gov't agencies and private security firms to investigate the attack, and it's going to be even harder to make a case against them. Especially since neither of them are likely to publicly state that Sony was at fault, and why, to the public.
Finally, afaik, the PSN and SOE hacks were actually separate attacks that happened at the same time (and those two databases are separate entities). That lends support to Sony's claim, as their resources were spread thin right from the start in dealing with multiple breaches. It also suggests that the attackers were a large, well-equipped group, such that they could manage such a huge job.
Realistically, their biggest concern at this point is PR. Which is significant in and of itself. The fact that they have some of the worst I've seen won't to help their case. They should have alerted customers no later than the day after they confirmed a hack.
Quote:
They got logins as well, but not passwords, and also email addresses. So watch out for any phishing scams, and change any passwords you might have had emailed (assuming you don't do that right away, which most of us would, I'm sure).
The minute I found out, I enabled a 2-step login on my gmail. Luckily, I've been in a slow process over the past few months of changing all my passwords anyway, so few of them are the same as my PSN password.
Edited, May 4th 2011 7:41pm by idiggory
IDrownFish wrote:
Anyways, you all are horrible, @#%^ed up people
lolgaxe wrote:
Never underestimate the healing power of a massive dong.
Samira wrote:
They got logins as well, but not passwords, and also email addresses. So watch out for any phishing scams, and change any passwords you might have had emailed (assuming you don't do that right away, which most of us would, I'm sure).
they didn't get the passwords, but they got the encrypted hashes, which could be almost as bad. A given hash will decrypt to certain possibilities, and given enough samples where they might know what the actual password was, they could likely reproduce and reverse engineer the encryption to a point where they might be able get something out of it. Cracking one encrypted password using an encryption algorythim is nearly impossible, cracking 7 million samples all encoided using the same algorythm where you know at least 10% of them probably used a stupid password that wont even require a brute force and you have a much better chance.
Arch Duke Kaolian Drachensborn, lvl 95 Ranger, Unrest Server
Tech support forum | FAQ (Support) | Mobile Zam: http://m.zam.com (Premium only)
Forum Rules
Tech support forum | FAQ (Support) | Mobile Zam: http://m.zam.com (Premium only)
Forum Rules
Quote:
they didn't get the passwords, but they got the encrypted hashes, which could be almost as bad. A given hash will decrypt to certain possibilities, and given enough samples where they might know what the actual password was, they could likely reproduce and reverse engineer the encryption to a point where they might be able get something out of it. Cracking one encrypted password using an encryption algorythim is nearly impossible, cracking 7 million samples all encoided using the same algorythm where you know at least 10% of them probably used a stupid password that wont even require a brute force and you have a much better chance.
But what can they actually do with them? All of Sony's services are down, and users are being forced to change their passwords when they come back up.
You're only in trouble if you use the same password for multiple things. And if you haven't changed them by now...
IDrownFish wrote:
Anyways, you all are horrible, @#%^ed up people
lolgaxe wrote:
Never underestimate the healing power of a massive dong.
Sure, agreed. I always make passwords as strong as the app allows, so I'm not too worried that they'll crack mine before I can change them.
As for damages, hard to say. Depends on the court, I guess. Some judges might take the case specifically to send a message about how seriously government entities take online confidentiality.
As for damages, hard to say. Depends on the court, I guess. Some judges might take the case specifically to send a message about how seriously government entities take online confidentiality.
In a time of universal deceit, telling the truth is a revolutionary act.
Quote:
You're only in trouble if you use the same password for multiple things. And if you haven't changed them by now...
You'd be amazed at how many people use the same passwords. And not everyone follows the news about games they played ten years ago.
In a time of universal deceit, telling the truth is a revolutionary act.
Quote:
Sure an outside hacker was to blame,
Guildies mentioned they heard it was someone on the inside who was laid off. Lemme see if I can find the info.... here it is
Quote:
According to online reports, Sony had fired ~200 employees from SOE a few days before the PSN massive attack which led to the compromise of user personal information. A 2 week notice was handed out on March 31st, 2011 which gave whomever enough time to think, plan and act on the PSN attack – and would have all the clearance to easily to do it . Whats even worse is that if it DID turn out to be a inside job then the ex-employee could potentially have the tools to un-hash the stolen passwords and possibly even have the tools/resources to decrypt the important information such as your credit card numbers
Well, my SOE password is different from any other password, so I'm not worried about them figuring it out somehow and getting into my other stuff. Also, my bank password isn't the same as any other password.
I've not seen any weird emails or an increase in spam yet either.
I've not seen any weird emails or an increase in spam yet either.
Recent Visitors: 228
All times are in CST
Anonymous Guests (228)
- Forums
- Cross Site
- The Asylum
- Heyyyy! Any of you ever play SOE games?
© 2024 Fanbyte LLC