I laughed at my mate:

Wrongly Jailed Security Whistleblower Caught Up in PlayStation Hacker Hunt

http://www.wired.com/threatlevel/2011/0 ... =Google+UK

As GeoHot pointed out, Sony should probably ditch a few lawyers and hire more engineers

Sony closes PC games site over security 'concern'



From El Reg

To the failboat!

Sony debunks 'credit card list sale' reports

http://www.computerandvideogames.com/29 ... e-reports/

So why didn't you state that clearly the first time with your lengthy Q+A? Not that anyone would have trusted you over it

I think MS, Apple, Dell and the DSG should make sure Sony haven't nicked their stash of FAIL...

Lordy - are we looking at a dominoes effect here?

All I know is, even Nintendo are struggling to shift novelty consoles - Nintendo for goodness sake!

I'll have a meat feast if your going......

Yes but they are at a stupid price. No wonder they are not selling.

Sony Online Entertainment has issued a press release to UK and EU customers regarding the "illegal intrusions" from hackers that the company has reported.

The text, which you can read below in full, repeats much of the global press release the company sent out last night.

It mentions Sony's promise of outlining a "make good plan" for its PS3 MMOs DC Universe Online and Free Realms. News of the attack comes after Sony admission last week that the details of 77 million people had been illegally accessed via its PlayStation Network.

The details of over 24 million SOE customers "may" have now also been accessed by hackers via Sony Online Entertainment's database, the firm has admitted. Sony's latest release reads:

Sony Corporation and Sony Computer Entertainment announced today that their ongoing investigation of illegal intrusions into Sony Online Entertainment LLC (SOE, the company) systems revealed yesterday morning (May 2, Tokyo time) that hackers may have stolen SOE customer information on April 16th and 17th, 2011 (PDT). SOE is based in San Diego, California, U.S.A.

This information, which was discovered by engineers and security consultants reviewing SOE systems, showed that personal information from approximately 24.6 million SOE accounts may have been stolen, as well as certain information from an outdated database from 2007. The information from the outdated database that may have been stolen includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card security codes), and about 10,700 direct debit records of certain customers in Austria, Germany, Netherlands and Spain.

With the current outage of the PlayStation Network and Qriocity services and the ongoing investigation into the recent attacks, SOE had also undertaken an intensive investigation into its system. Upon discovery of this additional information, the company promptly shut down all servers related to SOE services while continuing to review and upgrade all of its online security systems in the face of these unprecedented cyber-attacks.

On May 1, Sony apologized to its customers for the inconvenience caused by its network services outages. The company is working with the FBI and continuing its own full investigation while working to restore all services.

Sony is making this disclosure as quickly as possible after the discovery of the theft, and the company has posted information on its website and will send e-mails to all consumers whose data may have been stolen.

The personal information of the approximately 24.6 million SOE accounts that was illegally obtained, to the extent it had been provided to SOE, is as follows:

* name
* address
* e-mail address
* birthdate
* gender
* phone number
* login name
* hashed password.

In addition to the information above, the 10,700 direct debit records from accounts in Austria, Germany, Netherlands and Spain, include:

* bank account number
* customer name
* account name
* customer address.

SOE will grant customers 30 days of additional time on their subscriptions, in addition to compensating them one day for each day the system is down. It is also in the process of outlining a "make good" plan for its PlayStation3 MMOs (DC Universe Online and Free Realms). More information will be released this week.

Additionally, the company is committed to helping its customers protect their personal data and will provide a complimentary offering to assist users in enrolling in identity theft protection services and/or similar programs. The implementation will be at a local level and further details will be made available shortly in each region.

Sony Online Entertainment LLC (SOE) has been a recognized worldwide leader in massively multiplayer online games since 1999. Best known for its blockbuster hits and franchises, including EverQuest, EverQuest II, Champions of Norrath, PlanetSide, Free Realms, Clone Wars Adventures, and DC Universe Online, SOE creates, develops and provides compelling online entertainment for virtually all platforms, including the PlayStation3 Computer Entertainment System, Personal Computer, mobile and social networks. SOE is building on its proven legacy and pioneering the future of the interactive entertainment space through creative development and inspired gameplay design for audiences of all ages. To learn more, visit www.soe.com.

http://www.computerandvideogames.com/29 ... e-in-full/



Do you reckon Sony's brass neck gets cold in winter, or do they wind it in just a little bit

This gets worse for Sony every day.

You mean like this?:

Security Expert: Sony Knew Its Software Was Obsolete Months Before PSN Breach

In congressional testimony this morning, Dr. Gene Spafford of Purdue University said that Sony was using outdated software on its servers — and knew about it months in advance of the recent security breaches that allowed hackers to get private information from over 100 million user accounts.

According to Spafford, security experts monitoring open Internet forums learned months ago that Sony was using outdated versions of the Apache Web server software, which "was unpatched and had no firewall installed." The issue was "reported in an open forum monitored by Sony employees" two to three months prior to the recent security breaches, said Spafford.

Spafford made his comments in a hearing convened by the House Subcommittee on Commerce, Manufacturing, and Trade. Sony was invited to participate in the hearing, but declined to attend. In a letter to the committee, Sony said it has added automated software monitoring and enhanced data security and encryption to its systems in the wake of the recent security breaches.

"If Dr. Spafford's assessment is accurate, it's inexcusable that Sony not only ran obsolete software on servers containing confidential data, but also that the company continued to do so after this information was publicly disclosed," said Jeff Fox, Consumer Reports Technology Editor.

http://consumerist.com/2011/05/security ... reach.html

Not hard to believe, is it?

Sony: data theft occurred while we were "distracted"

http://www.pcpro.co.uk/news/security/36 ... distracted

Hope the US tear Sony a new one...

Running old out dated software without firewalls and AV sounds pretty incompetant.

It's also very common. Look at this forum for example, I think it's 5 releases behind with known vulnerabilities although I've not checked too hard...