Forgot your password?
typodupeerror
Security Sony IT

Anonymous Claims To Have Hacked Sony PSN Again 239

Posted by samzenpus
from the we're-back dept.
hypnosec writes "Anonymous has claimed a new attack on Sony's PlayStation Network, and this time around it seems they have information from nearly 10 million user accounts. As a proof of the hack they dumped more than 3000 credentials online in the form of a pastebin post. The notorious hacktivist group is claiming that the entire set of hacked credentials contains over 10 million PSN accounts and that the file is of around 50GB." Update: 08/16 13:12 GMT by S : Sony has denied this claim.
This discussion has been archived. No new comments can be posted.

Anonymous Claims To Have Hacked Sony PSN Again

Comments Filter:
  • by Soluzar (1957050) on Thursday August 16, 2012 @08:11AM (#41008769) Homepage
    Those assholes really need to think about who they are hurting with this crap. It is the users, like me. I've got a substantial amount of PS3 games, both from PSN and retail. I just want to use them in peace without veing harassed by cyber-terrorists!
    • by Anonymous Coward on Thursday August 16, 2012 @08:17AM (#41008825)

      That's the thing about poor security, Anonymous isn't the only one that was able to access the credentials. Perhaps you should be wondering why Sony isn't storing your hashed password in a salted format -- it appears to be a SHA1 hash represented in base64. Who else had access to your information that didn't advertise it to the world, and for how long? That's where your concern needs to be.

      • I just want a Blu-ray player that will access Netflix and play a few local games. I really wish Sony could de-couple their PSN account from my ability to use the PS3 and watch Netflix. But you can't because the Netflix app and firmware update require an account.

        Apple TV would be perfect except for the fact Apple would never in a million years include a Blu-ray player (direct competition to their iTunes format). Of course, I could rip Blu-ray disks in Apple TV format from my PC using AnyDVD HD, Another EAC3

    • by Xest (935314) on Thursday August 16, 2012 @08:23AM (#41008887)

      Sure, and I want to live my life without Sony lobbying governments to fuck up the internet, but thanks to people like you giving them money I can't.

      Besides, it's not as if Sony has a great track record of keeping your data safe so why do you keep putting it in their hands in the first place? Honestly, if a company can't notice 50gb of sensitive data flying out of it's network it has to have a pretty high degree of incompetence.

      • by CastrTroy (595695)
        I'm sure that if you send the data slow enough, that it wouldn't even show up as a blip on their radar. 50 GB is nothing compared to the amount of data that goes over their networks. Granted, it would be braindead simple to make a completely segregated user login system from the systems which actually handle the game servers, and to make that system very secure, by only have it doing 1 simple thing, but they probably didn't do that.
      • by Soluzar (1957050)
        It's not as though I can exactly take my data out of their hands without depriving myself of the things I already purchased, is it? I'm effectively stuck with Sony, and Anonymous aren't helping the situation for me. Sony aren't exactly my favourite company in the world, but I was already into them for a big chunk of change before any of this idiotic nonsense by anonymous ever started or had reason to.
        • by Xest (935314)

          I guess it depends what country you are in. In the UK I think the repeated displays of ineptitude by Sony in holding your data secure would be grounds enough to be able to cancel your account and demand a refund for any content you would hence no longer have access to. The small claims court here is quite effective at dealing with those sorts of cases and the time/cost for using it is pretty low (£20 IIRC which you can claim back if you win). Many other countries have a similar thing.

        • by scot4875 (542869)

          I'm effectively stuck with Sony

          And who's fault is that? It's not like Sony was still a paragon of virtue and responsibility when the PS3 came out.

          You either already knew what you were getting into and didn't care, or you were ignorant if who you were dealing with. In either case, you've got nobody to blame but yourself.

          --Jeremy

        • by andydread (758754)
          You migrate away just like you would any defunct system that you are locked into. The first step is to quit purchasing anything else for that platform.
      • With a company as Big as Sony I wouldn't be surprised if there is a guy who Works there is part of Anonymous. Oh I need to do maintenance on the server today. While he is doing maintenance plugs in a USB Disk... (Heck an iPod or a Cell Phone could hold the data) and copies the data down.

        And how Dare people who do not have the same political priorities and views of you not alter their lives to match you views. "Freedom for speech just as long as you are saying what I want to hear!!!"

        • by Xest (935314)

          "And how Dare people who do not have the same political priorities and views of you not alter their lives to match you views. "Freedom for speech just as long as you are saying what I want to hear!!!""

          That's a rather ass-backwards way of reading the discussion. I simply made the point that I suffer when he funds Sony, so why should I care when he suffers for funding Sony?

          I didn't say I expect him to change, I'm just saying don't expect sympathy when not changing comes back to bite you. It's a two way street

      • by Shavano (2541114)

        record of keeping your data safe so why do you keep putting it in their hands in the first place? Honestly, if a company can't notice 50gb of sensitive data flying out of it's network it has to have a pretty high degree of incompetence.

        50 GB is nothing to data traffic on a game server.

      • Your statements are full of logical holes but most substantially, how about you make a guess as to what percentage that 50GB is of Sony's hourly bandwidth usage.

        Go on, I'm waiting to hear how substantial you think it is.

    • Re: (Score:2, Insightful)

      by AmiMoJo (196126)

      You should be thanking Anonymous for making you aware of how poorly Sony is protecting your personal data. After all, if those guys can get in then I'm sure people who do it for more than just lulz can too.

      • by hackula (2596247)
        Remember to thank the robber next time he breaks in through your window for kindly showing you how you need better home security.
    • Is the intent of anonymous' actions really to inspire fear? Have we gotten to the point now where we accuse anything that inconveniences us as an act of terrorism?
    • cyber-terrorists

      I strongly doubt this event has induced terror in you, or was intended to. Stop using the word "terrorist" as a scare word. I suggest "paedophile", it has more of a universal revulsion factor when trying to demonise people.

      If you're going to criticise someone for something, criticise them for what they've actually done.

    • by tlhIngan (30335)

      Those assholes really need to think about who they are hurting with this crap. It is the users, like me. I've got a substantial amount of PS3 games, both from PSN and retail. I just want to use them in peace without veing harassed by cyber-terrorists!

      For every hack that Anonymous does, there's probably dozens of others that you don't hear about.

      Same as vulnerable software - just because someone reports it to you doesn't mean you can ignore it - you can bet others have found it and may be exploiting it, just

    • by mcgrew (92797) *

      Those assholes really need to think about who they are hurting with this crap. It is the users, like me. I've got a substantial amount of PS3 games, both from PSN and retail. I just want to use them in peace without veing harassed by cyber-terrorists!

      Considering that Sony rooted my computer with their XCP trojan and vandalized my system, and removed (stole!) OtherOS from people who had already paid for it, it's impossible to use ANY Sony product without being harassed by cyber-terrorists. Sony are cyber-ter

  • by ctheme (2694307) on Thursday August 16, 2012 @08:12AM (#41008771)

    Even if this is true, and PSN was compromised, what's the point? This benefits no good cause, and Sony isn't even the one being exposed here -- its users are.

    Anonymous is repeating the mistakes of Cablegate; releasing private information of parties who didn't ask to be involved. That's bullying, not hacktivism.

    • by rvw (755107)

      Even if this is true, and PSN was compromised, what's the point? This benefits no good cause, and Sony isn't even the one being exposed here -- its users are.

      Anonymous is repeating the mistakes of Cablegate; releasing private information of parties who didn't ask to be involved. That's bullying, not hacktivism.

      It depends. If this is the only way to show that Sony doesn't give shit about security, then this is the way. They released 3000 credentials. If they release the 10 million, that's another case. But anyhow, Anonymous is not about going the diplomatic way.

      • by chebucto (992517) *

        Nonsense. They shouldn't release anyone's private credentials. Whether it's 3,000 or 10,000,000, the damage for any one individual is the same.

        If they are able to crack PSN and there is work Sony should do to fix things, then they have other options.
        - Tell Sony, see if they fix it
        - Failing that, tell an independent person - a trusted reporter or other third party. Then that third party can confirm the leak and Sony will have to answer for their problems.

        As someone with more than a few accounts online (inclu

  • Whoops! (Score:5, Funny)

    by phrackwulf (589741) on Thursday August 16, 2012 @08:13AM (#41008787) Homepage

    Sonic is really going to have to hurry to get all those rings back! I hate this level!

  • Fail. (Score:5, Informative)

    by Anonymous Coward on Thursday August 16, 2012 @08:14AM (#41008793)

    Proven false.

    * the document of leaked data linked to in the Twitter account appears to be identical to one posted on the Internet back in March.
    * Anonymous has deleted the Tweet claiming that it hacked the PSN.
    * Direct statement from Sony: "We’ve confirmed that the recent claim that PlayStation Network was illegally hacked and that customer passwords and email addresses were accessed is completely false."

  • Fool me once, shame on you and all that. The first time they could be excused a little by having put too much faith in their internal systems. If this is true, there can be no excuses left.

  • Seems like all the email adresses are for Swedes. Wonder what they've got against Swedes.

    • by OzPeter (195038)

      Seems like all the email adresses are for Swedes. Wonder what they've got against Swedes.

      I dunno .. maybe because of that little thing between Julian, the UK, Sweden and Ecuador?

    • by repvik (96666)

      Because the list is from a different hack, not PSN. This scriptkiddie just copy-pasted a credentials list from march. Here: http://pastebin.com/hhU8Q9di [pastebin.com]

  • by deadbeefcafe (1371017) on Thursday August 16, 2012 @08:17AM (#41008827)
    http://www.videogamer.com/news/psn_hack_claims_are_false_says_sony.html [videogamer.com]

    Last night someone claiming to be a member of Anonymous posted what was alleged to be information obtained from 50GB of compromised PSN data, but it turned out the data was the same as that released last year when PSN was hacked. "We've confirmed that the recent claim that PlayStation Network was illegally hacked and that customer passwords and email addresses were accessed is completely false," assured Sony in a statement.

  • by frinsore (153020) on Thursday August 16, 2012 @08:20AM (#41008851)

    The last time that this happened Sony gave me two free games. Now that it appears to have happened again my initial thoughts are regarding more free games. Somehow I don't think that this response is intentional on Sony's part.

    • by rvw (755107)

      The last time that this happened Sony gave me two free games. Now that it appears to have happened again my initial thoughts are regarding more free games. Somehow I don't think that this response is intentional on Sony's part.

      It's the new marketing strategy. You are conditioned now. The hack is a hoax. You want games. Sony wins! HAHAHAHAHAHA!!!!!!

  • by rgbrenner (317308) on Thursday August 16, 2012 @08:25AM (#41008923)

    I can't imagine this is true.. Sony has always been on the cutting-edge of security tech. I mean this is the company that designed the text-based CAPTCHA:
    http://pro.sony.com/bbsc/jsp/forms/generateCaptcha.jsp [sony.com]

    Right click is disabled so it's impossible to crack.

    • by thegarbz (1787294)

      Wait what? Right click is disabled? Was that foiled my noscript running on my browser?

    • by pnot (96038)

      Holy shit, that's incredible. They've invented a Captcha that's easier for a bot than for a human. I can only assume that they never figured out what CAPTCHAs were for, and assumed that their sole purpose was to annoy users.

    • by hackula (2596247)
      How does this exist?!?!
  • Sorry to burst bubble, but this can be easily be forged with old data from previous hack. For me it's bigger posibility than Sony haven't taken previous attack seriously.
  • Most of the time I think of Anon's actions as pointless vandals, best discouraged.

    When the f**k with Sony though I can't help but cheer them on.

  • It would seem that one of the official sports of the hacktivist community is to continually embarrass Sony. I think this is positively hilarious that Sony still cannot get it right.
    • by JavaBear (9872)

      Some people have pointed out that this hacker claim may be fraud. If true, how can you claim "Sony still cannot get it right" ?

      Sony screwed up, and probably spent millions hardening their security, and will have to continue to do so. Time will tell if they have done enough. Bit if this is an invalid claim, and Sony weren't hacked, how did they get it wrong?

  • by JavaBear (9872) on Thursday August 16, 2012 @08:51AM (#41009187)

    "Someone claiming to be from Anonymous claims to have hacked PSN."

    • "Internet web site speculates about someone claiming to be from Anonymous claiming to have hacked PSN."
      Editor: "Run it!"

    • I hear headlines are better with a question mark. How about: "Has Sony's PSN been hacked again?"
  • I think I should ask them for my password, I changed it after the last attack and now can't remember it.

"If John Madden steps outside on February 2, looks down, and doesn't see his feet, we'll have 6 more weeks of Pro football." -- Chuck Newcombe

Working...