OK, Playstation faithful, you can see Sony's full response to inquiries by Congress here. If you don't want to spend that much time, you can see the summary of their response as posted on the Playstation Blog site. Or, here, let me post some key points here:
- The Playstation Network was hacked in a seriously devious, professionally choreographed infiltration (attackers coordinated a "Denial of Service" attack to tie up system resources and Playstation Network engineers so they could then slip in underneath the cover of the larger, denial of service attack)
- Personal info was taken (names, addresses, user ids and passwords).
- Potentially, encrypted credit card info was taken, although forensic analysis has not uncovered any evidence that this was the case, nor have any major credit card companies reported any fraudulent transactions believed to be the result of this attack
- The intruders left a file on one of the Sony servers with the filename "Anonymous" and the words "We are Legion" (yeah, Anonymous denies any connection with this attack - right...)
- Sony engineers are upgrading the virtual defenses of their network (and hope to have the services restored in the near future)
- Sony plans to offer the following to Playstation Network account holders:
- complimentary enrollment in identity theft protection program, including $1 million in identity theft insurance (details will be sent via e-mail to account holders over the next few days)
- 30 days' free membership in Playstation Plus (and additional days extension to any paid services equal to the number of days the services were unavailable)
- free downloads of various "stuff" from the Playstation Network Store.
(You can see the details if you visit the various links, above.) Sony is "working with FBI and other law enforcement agencies around the world to apprehend those responsible." This is an example of how "cyber crime" is becoming much more sophisticated, and how we all need to be careful what we use where when information is being provided. It also goes to show how silly the guy who slapped a lawsuit on the table even before the dust was finished rising, let alone settling on all this, was. As expected, Sony has arranged to take care of its customers - without having to to go through the trouble of a class-action lawsuit. (I hope that guy still has to pay the attorneys... that was just stupid for him to file the suit in the midst of an ongoing investigation when he didn't even have all the info yet, let alone having given Sony time to respond at the consumer level regarding everything.)
At least we'll hopefully get the Playstation Network back up soon. I was going to mix another story/idea into this blog post, but it's already getting long, so I'll just post it as-is and write a separate post (in just moments) with the other idea. See ya across the break...
No comments:
Post a Comment