online disaster

[Update]: Department Of Homeland Security Investigating PSN Debacle

by Dan Ryckert on Apr 30, 2011 at 09:34 AM


UPDATE 4/30:

This debacle has apparently gotten big enough for the government to take notice, as the Department of Homeland Security is now investigating the matter. "The Department of Homeland Security is aware of the recent cyber intrusion to Sony's PlayStation Network and Qriocity music service," says spokesman Chris Ortman. "DHS' U.S. Computer Emergency Readiness Team (CERT) is working with law enforcement, international partners and Sony to assess the situation."

Similar government departments in Australia are also looking into the matter.

Source: Gamasutra

UPDATE 4/29:

Hackers that claim to have the stolen PSN data are attempting to sell credit card information on several message boards. They claim to have names, addresses, phone numbers, email addresses, birth dates, and full credit card information (number, expiration, and security code) for sale. TrendMicro security expert Kevin Stevens says that they offered to sell the information back to Sony, but the company refused.

Stevens also says that 2.2 million credit cards are included in the database. Reports of fraudulent charges have been popping up on Twitter, on message boards, and in the inboxes of gaming journalists. There's no way to know for sure whether these claims are true, and even if they are there's no way to determine if they're tied to the PSN breach.

Source: cnet


UPDATE 4/26:

Sony has officially acknowledged that the recent security breach of PSN by hackers has likely resulted in the theft of PSN account users' profile info, and perhaps even credit card information.

The official Sony PlayStation Blog reads in part:

"Valued PlayStation Network/Qriocity Customer:
We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:

1. Temporarily turned off PlayStation Network and Qriocity services;
2. Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
3. Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information."

As far as what those responsible may have gained, the statement details a list including your name, address, PSN/Qriocity account info – and possibly your credit card info.

"Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birth date, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained."

Finally, Sony says, "We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week."

Check out Sony's full response at the Official PlayStation Blog for more info.

What a way to launch SOCOM 4.


[Original Story]: Playstation Network users have been left in the dark for days now, and Sony has acknowledged that the shutdown has everything to do with hackers. However, they've made no mention of who's to blame or what the hacking hoped to accomplish. Web group Anonymous previously announced intentions to attack PSN, but are denying involvement with this incident. Today, a user on Reddit claims to have knowledge of the specifics.

User chesh420 says he's a moderator at, and the shutdown can be traced to a custom firmware that allowed users to validate fake credit card numbers on what PSN deemed to be a secure network. Here's the entirety of his post (all spelling in context):

Ok, I've seen a bunch of speculation of why people think PSN is down, and I thought I should just post what the community knows in comparison to what Sony is telling everyone. The truth is, there was a new CFW (custom firmware) released known as Rebug (link omitted). It essentially turns a retail console into a dev console (not fully, but gives you a lot of the same options that usually dev's only have access to). Anyway, this new CFW was quickly figured out to give CFW users access to the PSN network again via the dev networks. With a little manipulation of the URL's through a proxy server you could get your hacked console back online. Not that big of a deal, right? Well, it also turns out that some people over at NGU found out that you could provide fake CC# info and the authenticity of the information was never checked as you were on Sony's private developer PSN network (essentially a network that Sony trusted). What happened next was extreme piracy of PSN content. Sony realizing the issue here shut down the network. Now, before you go freaking out about the latest information posted about Kotaku, no ones personal information was accessible via this hack. Not to say they couldn't get it, but no one is admitting to it being available. Anyway, that's the real reason for the PSN downtime. Sony is now rebuilding all of it's PSN servers to be more secure and (hopefully) make sure the CFW users cannot get online anymore.

It would take something major for Sony to shut down the entirety of their network, and a custom firmware that allowed for rampant pirating is obviously reason for concern. Take this with a grain of salt, as we have no way of verifying whether this Reddit user has an inside track or not. We've reached out to Sony for comment and will let you know if we hear anything.

UPDATE: We received a response from Sony, which you can read below

We are currently investigating, including the possibility of targeted behavior of an outside party.  If this is indeed caused by such act, we want to once again thank our customers who have borne the brunt of the attack through interrupted service.  Our engineers are working to restore and maintain the services, and we appreciate our customers' continued support.

Source: Reddit