AfterDawn: Tech news

Sony admits up to 10 million credit card numbers may have been compromised

Written by Andre Yoskowitz @ 02 May 2011 3:06 User comments (26)

Sony admits up to 10 million credit card numbers may have been compromised Speaking over the weekend, PlayStation head Kaz Hirai admitted that up to 10 million user's credit card info were possibly stolen.
Apologizing, Hirai says: "We deeply apologize for the inconvenience we have caused."

The company does say that it does not believe any credit card info was actually stolen, but it is the first admission that comes complete with a figure.

When the PSN relaunches this week, everyone will need to download a system update and change their passwords.

As a small form of compensation, Sony will start a "Welcome Back" program, offering up some "entertainment content" for free and a free 30-day subscription to the premium PlayStation Plus.

Tags: Sony PS3 PSN
Previous Next  

26 user comments

12.5.2011 16:04

The key word is "Believe"...sometimes you can see the data right in front of you, and you just can't believe it...for instance, I can't believe that sony is so full of crap...but they seem to be.

22.5.2011 16:09

Originally posted by lissenup5:
How is it that They "admit up to 10 million CC numbers may have been compromised" but then again say "we don't beleive any CC info was actually stolen"?????

Sounds like Sony BS'ing, backtracking and frankly covering their asses.




Those two quotes don't contradict each other. They don't believe any info was stolen but, if it was, it could be up to 10 million.

Let me also point out that I haven't actually seen any direct quotes from the interview itself, only headlines. I have read some people saying he said only 10 million odd accounts out of the 77 million had CC details attributed to them though, again, whether that's what he said or not I can't confirm.

Seems to me not to matter anyway, cancel your card and inform your bank that your info may have been stolen seems the most sensible thing to do.

32.5.2011 17:25

Why wait? Just cancel your credit card and they will issue you a new one for no extra charge. I just did that about an hour ago and will receive a new card shortly.

Is it really worth your time or take a chance to wait and see if someone will use your information? Take the next step and protect yourself and get a new account number for your credit card. It took me no more than a total of 5 minutes.

Now we can drop this story about credit card information might or might not be comprise... take the control out of their hands and make the first move.

43.5.2011 01:02

After all this bullshit sony just might turn into sega!

53.5.2011 07:10

Sony hit by second security breach:
Hackers breached SOE (Sony Online Entertainment) network as well as PSN and Qriocity streaming music service, Sony said on Monday (it discovered the break-in of its SOE PC games network on May 2nd.)

http://goo.gl/fb/0Pf5N
http://aje.me/mptomQ

SOE Press Release:
http://bit.ly/luZtEc

This message has been edited since its posting. Latest edit was made on 03 May 2011 @ 8:17

63.5.2011 08:03

HAHA Whats funny is watching sony try and paint a picture of ...

"... we had no idea this had happened, the moment we did we shut it all down to protect you and are making it stronger, the moment we knew we had the information we let you know."

Where as the reality was in feburary (2 months before) : http://arstechnica.com/gaming/news/2011/02/report-psn-hacked-showing-stunning-lack-of-credit-card-security.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss

it was already shown that credit card numbers and other information was at risk... 2 months before...!

Sony should have shut it down at this point if you ask me, instead they appear to have started plans to implement new security, as discussed in the video found at: http://www.irwebcasting.com/110501/02/3a33cc2c90/index.html

And alas for them the gun went off before they could reach cover... or at least that's how its looking to me.

But the announcement in February was an early warning... one that wasn't taken seriously enough...

What im surprised about is the lack of response from the financial institutions and banks who will have to sort out the large mess this has left with customers.... i cant imagine they are all full of sunshine at the moment ....

73.5.2011 08:27

Originally posted by g_slide:
Why wait? Just cancel your credit card and they will issue you a new one for no extra charge. I just did that about an hour ago and will receive a new card shortly.

Is it really worth your time or take a chance to wait and see if someone will use your information? Take the next step and protect yourself and get a new account number for your credit card. It took me no more than a total of 5 minutes.

Now we can drop this story about credit card information might or might not be comprise... take the control out of their hands and make the first move.
I totally agree...I killed my card the moment I found out about the possibility of it being leaked, and I already have a new card. If Sony had any belief that these numbers might not have been stolen, they wouldn't have said anything at all. If you are waiting for the people who stole this information to get smart and start offering to sell it in smaller pieces, then you deserve identity theft.

83.5.2011 09:45

Saw an interesting report on all this on the 7.30 Report A.B.C. (Australia) tonight. I hope some of you guys can see it. Fairly extensive, it says amongst other things Sony say they have lost the credit card numbers but not the 3 to 4 number security codes. I know from personal experience if they have your other details then iTunes for one will let somebody try repeatedly till they get the right one... 3 numbers = 1000 tries, no big deal for a bot. (If you want more details to that story then ask).

It's also suggested that while the scale was massive, Sony whilst neglectful, is not the only vulnerable company that keeps personal info on file.

Security experts have stated that it is understandable that Sony did not know for a while what exactly was taken (read: copied with logs maybe tampered with as well), but it was seen as neglectful to delay warning customers nevertheless.

It's also seen as quite possible that lots of the numbers and info will be sold on the net... with those being broken up into smaller lots and resold etc, etc. It, therefore, is possible for Sony CC fraud to pick up over time even if it is not happening now. So getting a cancellation and reissuing of your CC now seems to be wise advice. Even if the bank has to cover you it's still a real bore dealing with it. Take my word for it.

I should also mention that at no time during the above report was the Anonymous organisation mentioned.

Plaz, I have to compliment you on your research.

Enthusiasts who claim that Sony have nothing to apologise for should tell that to the CEOs, footage of them doing just that at large press conferences can be seen in the above 7.30 Report. LOL
_________________________________________________________________

This message has been edited since its posting. Latest edit was made on 03 May 2011 @ 10:11

93.5.2011 11:01

sony please put the north america psn internet back because the people are selling your ps3.
over like 2 million people because you didnt put back the psn network back.
we like you to the playstation network back in the full working just look the comments we are put because most of these people that offline are wait the internet to coming in there ps3.

103.5.2011 11:03

Card is canceled. New card number issued. Changed my PO Box. Sony lost me as a customer when they said they couldn't do anything for the downloaded video content on my fried PS3. Then they started to debate ownership rights of the PS3 hardware. Now they can't even keep users private information private.

Sony can suck it.

113.5.2011 11:08

GUYS GUYS AND GIRL AND GIRL I HEAR THAT the ps3 internet of north america is coming
back on sunday hahahahahahahahahahahahahahahahahahahahahah lolololololololololol

This message has been edited since its posting. Latest edit was made on 03 May 2011 @ 11:10

123.5.2011 12:07

Originally posted by Ben79:
...Sony lost me as a customer when they said they couldn't do anything for the downloaded video content on my fried PS3...
What fried it?


133.5.2011 14:55

Originally posted by KillerBug:
The key word is "Believe"...sometimes you can see the data right in front of you, and you just can't believe it...for instance, I can't believe that sony is so full of crap...but they seem to be.
I don't agree with hackers putting innocent people off.
However, I do things legally... I just refuse to buy anything associated with Sony and Sony products.

Best hurt is to hit them in the pocketbook.
If enough people join in in a class action suit that is cool.
Much more effective then a run-of-muck vigilante BS.
Jeff
This message has been edited since its posting. Latest edit was made on 03 May 2011 @ 2:56

143.5.2011 16:17

I think some of you are missing the point. Now from what I have read the hackers got the CVS code on the back of the card. So trying to buy anything could happen,and they did get all the Personal Information meaning your address,Email and stuff like that.
The problem comes in when a PS3 user uses the same security question & answer that they have on their Credit Cards.
I know some are saying stupid, well it is hard from some to come up with answers that you'll remember at a time when need to get a new card or lost it. And if that is the case some folks could find out the hard way that a card has already been issued, or another card. That would really suck if that has happened.

As for me I gave up on Sony Products a long time ago, part of me loves seeing the PSN get hacked. But the other part hates it since I have had my Identity stolen by some punk to get credit cards,cell phone & other stuff. So for those folks I really feel for you, and know how you all feel.

And if you do feel angry when you get that letter in the mail, from the Lawyers for a class action suit do follow through with it. That would be a sign for all companies that have services like this have security like that of the Pentagon.

This message has been edited since its posting. Latest edit was made on 03 May 2011 @ 4:23

153.5.2011 16:33

Originally posted by PirateDan:
And if you do feel angry when you get that letter in the mail, from the Lawyers for a class action suit do follow through with it. That would be a sign for all companies that have services like this have security like that of the Pentagon.


Is not wise to go into Class Action, 'cos the Lawyers make all the money and the "Agree" affected customers only get lefts-overs even if they get affected later on.
The best way is the be guide by a Lawyer(s) in person. They will tell you what to do: Most of them will tell you to wait until you get affected and have proof of it......then is the best time to hurt Sony.
Now at this time a Class Action with Proofs is the best way to go !!!

Just my 2 cents.

Why Sony doesn't deserve your money:
http://goo.gl/SBUj7
This message has been edited since its posting. Latest edit was made on 04 May 2011 @ 12:23

163.5.2011 17:27

Originally posted by Jemborg:
Originally posted by Ben79:
...Sony lost me as a customer when they said they couldn't do anything for the downloaded video content on my fried PS3...
What fried it?


YLOD post warranty. I paid $150, sent it in for repair, and they sent me a different refurbished unit saying mine was irreparable. So I was unable to deactivate my original unit to reinstall what I had backed up. Sony fracked me out of about $300 of video content.

173.5.2011 18:56


If you are waiting for the people who stole this information to get smart and start offering to sell it in smaller pieces, then you deserve identity theft.
Exactly what I have been thinking the whole time. It's been how long now since all this started and I am waiting to hear of anyone that has had unauthorized charges on their card. At this point it's your own fault for not taking the necessary steps of protecting yourself.
This message has been edited since its posting. Latest edit was made on 03 May 2011 @ 6:58

183.5.2011 19:27

Originally posted by Ben79:
Originally posted by Jemborg:
Originally posted by Ben79:
...Sony lost me as a customer when they said they couldn't do anything for the downloaded video content on my fried PS3...
What fried it?


YLOD post warranty. I paid $150, sent it in for repair, and they sent me a different refurbished unit saying mine was irreparable. So I was unable to deactivate my original unit to reinstall what I had backed up. Sony fracked me out of about $300 of video content.
All you had to do was while you were on the phone with Sony was have them deactivate the PS3 that was broken. Simple. And you should still be able to do it too.

194.5.2011 06:10

Originally posted by Oner:

All you had to do was while you were on the phone with Sony was have them deactivate the PS3 that was broken. Simple. And you should still be able to do it too.
Yes, you SHOULD be able to...but it is a total pain and you have to try it over and over again with different operators. It took me about a dozen tries to convince them to deactivate the PS3 that my friend had sent into Sony...and even then they only did it because they knew for a fact that they have the system there. If he had simply thrown the old system away, he would have been screwed.

204.5.2011 09:54

Originally posted by KillerBug:
Originally posted by Oner:

All you had to do was while you were on the phone with Sony was have them deactivate the PS3 that was broken. Simple. And you should still be able to do it too.
Yes, you SHOULD be able to...but it is a total pain and you have to try it over and over again with different operators. It took me about a dozen tries to convince them to deactivate the PS3 that my friend had sent into Sony...and even then they only did it because they knew for a fact that they have the system there. If he had simply thrown the old system away, he would have been screwed.
They have the broken PS3 already documented so there should be no issue with operators if explained properly. That is all the proof he needs to get it deactivated. There is no reason for an operator to question that.
This message has been edited since its posting. Latest edit was made on 04 May 2011 @ 9:56

214.5.2011 10:35

Originally posted by Oner:
Originally posted by KillerBug:
Originally posted by Oner:

All you had to do was while you were on the phone with Sony was have them deactivate the PS3 that was broken. Simple. And you should still be able to do it too.
Yes, you SHOULD be able to...but it is a total pain and you have to try it over and over again with different operators. It took me about a dozen tries to convince them to deactivate the PS3 that my friend had sent into Sony...and even then they only did it because they knew for a fact that they have the system there. If he had simply thrown the old system away, he would have been screwed.
They have the broken PS3 already documented so there should be no issue with operators if explained properly. That is all the proof he needs to get it deactivated. There is no reason for an operator to question that.
Regardless, I'm fed up with Sony now, and it's been over a year. All I got when I called was higher blood pressure, and forehead-vein-popping anger because they kept telling me what they cannot do. It's the games they make money on, and I refuse to buy software or content for the PS3 anymore. I still purchase from independent developers however as they are not PS3 exclusive.

224.5.2011 11:01

Originally posted by Ben79:
Originally posted by Oner:
Originally posted by KillerBug:
Originally posted by Oner:

All you had to do was while you were on the phone with Sony was have them deactivate the PS3 that was broken. Simple. And you should still be able to do it too.
Yes, you SHOULD be able to...but it is a total pain and you have to try it over and over again with different operators. It took me about a dozen tries to convince them to deactivate the PS3 that my friend had sent into Sony...and even then they only did it because they knew for a fact that they have the system there. If he had simply thrown the old system away, he would have been screwed.
They have the broken PS3 already documented so there should be no issue with operators if explained properly. That is all the proof he needs to get it deactivated. There is no reason for an operator to question that.
Regardless, I'm fed up with Sony now, and it's been over a year. All I got when I called was higher blood pressure, and forehead-vein-popping anger because they kept telling me what they cannot do. It's the games they make money on, and I refuse to buy software or content for the PS3 anymore. I still purchase from independent developers however as they are not PS3 exclusive.
dude um i hear that the ps3 online is coming back in this sunday. i called the sony phone number and i ask the information about the playstation network states was it is very fast. i ask too many question that the sony gave me the day of playstation network was coming back in this sunday.
This message has been edited since its posting. Latest edit was made on 04 May 2011 @ 11:02

234.5.2011 13:57

Originally posted by Ben79:
Originally posted by Oner:
Originally posted by KillerBug:
Originally posted by Oner:

All you had to do was while you were on the phone with Sony was have them deactivate the PS3 that was broken. Simple. And you should still be able to do it too.
Yes, you SHOULD be able to...but it is a total pain and you have to try it over and over again with different operators. It took me about a dozen tries to convince them to deactivate the PS3 that my friend had sent into Sony...and even then they only did it because they knew for a fact that they have the system there. If he had simply thrown the old system away, he would have been screwed.
They have the broken PS3 already documented so there should be no issue with operators if explained properly. That is all the proof he needs to get it deactivated. There is no reason for an operator to question that.
Regardless, I'm fed up with Sony now, and it's been over a year. All I got when I called was higher blood pressure, and forehead-vein-popping anger because they kept telling me what they cannot do. It's the games they make money on, and I refuse to buy software or content for the PS3 anymore. I still purchase from independent developers however as they are not PS3 exclusive.
Understandable. You might want to give it a try when the PSN comes back up as you have the proof and I would guess Sony would be more amicable under the current circumstances.

244.5.2011 15:22

Originally posted by Oner:

Understandable. You might want to give it a try when the PSN comes back up as you have the proof and I would guess Sony would be more amicable under the current circumstances.
That's a good point haha. Worth a try.

256.5.2011 01:02

the group anonymous or whatever. probably just cripped the hell out of Sony's Network showing its immence vulnerabilities. i sincerely doubt these guys took any credit card info.

sony is just saying that so they wont look like chumps. i'd wager my useless PS3 that i barely even turn on (with no pSn account created) that if you contacted Visa/Mastercard/Discover/Amex/etc about whether a ligitament claim of fraud was reported. i think those companies would say No.

266.5.2011 04:24

They are being reported from what i can make out, lol since the attack hsbc telephone banking (not hear this message since the banking collapse) "we are experiencing unusually high call volumes..." although its probably due to some other company losing 1000's of card details ... lol or something else.

Comments have been disabled for this article.

News archive