PSN breach: Sony doubts veracity of stolen credit card list
- Posted May 2nd, 2011 at 20:00 EDT by Eric Blattberg
- 5 Comments
Sony today stated that it doubts the existence of a stolen credit card list, which allegedly holds millions of card numbers in addition to information like users’ addresses, birth dates, phone numbers, and email addresses with passwords.
"One report indicated that a group tried to sell millions of credit card numbers back to Sony," said Patrick Seybold, SCEA senior director of corporate communications. "To my knowledge there is no truth to this report of a list, or that Sony was offered an opportunity to purchase the list."
Seybold also clarified the manner in which Sony stored PlayStation Network passwords.
"While the passwords that were stored were not 'encrypted,' they were transformed using a cryptographic hash function," continued Seybold. "There is a difference between these two types of security measures which is why we said the passwords had not been encrypted. But I want to be very clear that the passwords were not stored in our database in cleartext form."
For an explanation of Hash vs Encryption, click here.
Sony also reasserted that it will never request information like credit card number, social security number, or other personally identifiable information from PlayStation Network users. If you do receive such requests from "Sony," disregard it them — they're phishing attempts.
"We continue to work with law enforcement and forensic experts to identify the criminals behind the attack," concluded Seybold. "Our objective is to increase security so our customers can safely and confidently play games and use our network and media services."
- 3:02pm EDT - May 2nd, 2011
I doubt it too, lol.
Syphon_Filter | Syphon_Filter2
- 3:29pm EDT - May 2nd, 2011
I keep checking on my master card and nothing is happening. So, I guess they are lying about the credits cards and they are not stolen as Sony said.
- 3:36pm EDT - May 2nd, 2011
@2 - One credit card without fradaulent charges (thus far) is hardly sufficient proof discounting the notion that CC details may not be entirely secure. I mean, they most likely are, but it's always better to be safe than sorry.
- 3:42pm EDT - May 2nd, 2011
i dont wanna give any info to sony again - why do they need it? why do they need to know where i live or my phone number so i can play online?
They have taken alot of s**t lately tho - LG bluray court case, georghe hotz, anonymous etc
- 5:45pm EDT - May 2nd, 2011
@4 maybe you win something in a contest or something like that... Then they have no idea who to call or send it to.
This will permanently ban this user and delete all associated comments. This action is irreversible, are you SURE you want to do this?!