I’d just like to take a quick moment to thank Sony and, specifically, Playstation for their apparently lacking security precautions.
Over Easter, like many PS3 owners, I tried a few times to jump online via my Playstation. Each time I tried to log into the Playstation Network (also called the PSN) I received a message:
Playstation Network is Currently Undergoing Maintenance
Into the third day of the Easter holiday weekend this started to smell a bit fishy. Playstation has been known to screw over New Zealanders when it comes to performing routine maintenance – what with us being at the opposite end of the daily clock to many other gamers around the world – but over 24 hours of outage during the Easter holidays when so many people would be online seemed a bit wrong, even for them.
And then the story made the Stuff news website here in New Zealand. Apparently, the network was down due to an ‘external influence’. This later grew into a full admission of an attack on the Playstation Network.
Today, Stuff announced that the personal details of some 77 million users had been accessed and the users were at risk of having information stolen from them.
I then received an email from Playstation Network itself, the first I’ve seen from them in a basic black and white text format without all the fancy imagery. It simply said:
We have discovered that between April 17 and April 19, 2011,
certain PlayStation Network and Qriocity service user account
information was compromised in connection with an illegal and
unauthorized intrusion into our network.
They go on to say the few basic things they have done to fix the attack (at time of writing there is still no access to the network, well over a week since the attack) and then:
… we believe that an unauthorized person has obtained the following
information that you provided: name, address (city, state, zip), country,
email address, birthdate, PlayStation Network/Qriocity password and login,
and handle/PSN online ID. It is also possible that your profile data,
including purchase history and billing address (city, state, zip),
and your PlayStation Network/Qriocity password security answers may
have been obtained.
They also say that they can not rule out the possibility that my credit card has been compromised and that I should get in touch with my credit card provider to file a possible fraud notice. According to them, at no charge, US residents can file this fraud notice. Doesn’t really help me as a New Zealand resident though I guess.
Why did the attack on the PSN happen?
As with any issue related to the Playstation, which hosts a community of millions of over-active and over-imaginative excitable young boys, rumours are rampant throughout the Playstation forums that the attack was by the substantial and infamous hacking group that goes by the name ‘Anonymous’.
Anonymous claim that Playstation’s notice that it was going to clamp down on those ‘jail-breaking’ their PS3 so that other software could be installed was an act of war against Playstation owners. Playstation’s marketing representative that was using Twitter to promote Playstation products (going by the character name, Kevin Butler) actually accidentally re-tweeted a code posted by a hacker that allowed people to unlock their PS3 consoles.
You can see the retweet by the Kevin Butler PS3 character below. Clearly he doesn’t know exactly what he has just passed on to his thousands of followers.
Is this what lead to the downfall of the Playstation Network? Either way, the rumour now is that Anonymous say that people should be able to use their own property as they choose and I guess they believe Playstation is some evil dictator trying to ruin everyone’s fun.
I don’t really buy that for a minute, unless Anonymous itself really is run by a bunch of adolescent teenagers that are still struggling through puberty. It doesn’t really sound like the same group that have politically attacked large organisations that were boycotting information about Wikileaks last year.
Either way, thanks for looking after my details Playstation!
For more information, you can check out the questions and answers that Playstation have officially published here.