Sony: Hackers Exploited Known Vulnerability

[JMcEntegart]

Sony has said the hackers responsible for the April 17-19 PlayStation Network breach exploited a known vulnerability.

Sony: Hackers Exploited Known Vulnerability : Read more

 

[prabal34]

I wonder if Sony will just /ragequit . It kind of sucks because I had to put a fraud alert on my credit the other day due to all this stuff happening. I also probably won't ever buy anything from PSN anymore...

 

[rantoc]

So a known vulnerability was exploited and Sony didn't even know about it. The words "We take peoples information/credit cards seriously" all of a sudden seems more like "We don't give a shit about people!" and the newly appointed ‘chief information security officer’ position will likely be terminated when the media storm have blown over or have as escape goat when it happens again!

 

[4745454b]

Since when is security not a part of IT? Seems to me they should fire the CIO or one of his underlings because security of the network would be one of their responsibilities? It seems silly to me to create a whole new job if it should already be a part of someone's already.

 

[eddieroolz]

I wonder if this was the case of technicians on the lower levels knowing about a hole, but management refusing to acknowledge it and order a repair. As we all know this happens a lot in corporatinos and governments.

 

[alidan]

[citation][nom]rantoc[/nom]So a known vulnerability was exploited and Sony didn't even know about it. The words "We take peoples information/credit cards seriously" all of a sudden seems more like "We don't give a s$#$ about people!" and the newly appointed ‘chief information security officer’ position will likely be terminated when the media storm have blown over or have as escape goat when it happens again![/citation]

you have to realise how a japanese company works. they will likely fire some random guy who had nothing to do with it, or the person who mentioned the bug, but was told to do nothing.

they than made a job, for a more convenient scape goat the next time around (though they will do a job till than)

and finally, the person who is really responsible, will be given a meaningless task to do till he leave the company, as this is the most efficient way to deal with someone who could potentially still be important to some other company.

 

[ironmb]

Yet another reason why I never will own a playstation console again.

 

[KlamathBFG]

So anyone know what the server platform was or how long the hole has been there, given their reaction it sounds like this could be pretty old which is even more frightening!!!

 

[Ori25]

A quadrillion dollars made from original games / 3 system update each month.... and there is no one at the other end of the wire to prevent our account to be stollen ... lol.... nice one Sony next bank invoice i will mail it to you!

 

[memadmax]

Wow, known exploit and noone was around to patch the hole....

GG sony...

 

[ubercake]

Thing that sucks for me is at one time, I owned an XBOX 360, XBOX, PS3, and Wii at the same time. No one used the PS3 so I sold it after 3 months, though I had signed up for their crappy PSN online service while I had the PS3. Now I receive an e-mail notification my account was comprimised (from 3 or 4 years ago!). It said we only think they got your basic info from the phone book plus your user name and password (which is only tied to a bank card), so don't worry or anything, but please feel free to check your credit.

When are governments really going to hold these bi-(#3s responsible. Burden of proof is always on the consumer. I like my Bravia, but this make me consider never getting another one of their products for fear my product registration might pose a credit risk. Enough of this crap already!

 

[Guest]

Sony have been on my BlackList for a while now after several bad products from them. I spent half a day changing my whole security setup after my account on PSN was compromised, and all I did was sign up to PSN so my GF could download games and comics to her old PSP.

This is the last straw for me, I was just about to sign up to DC Universe but that is not going to happen now!

At least it has made me re-work all my online passwords for every account, had a great time coming up with cyphers to create unique passwords for every site, so in that respect, thanks SONY!

 

[Steveymoo]

[citation][nom]rantoc[/nom]So a known vulnerability was exploited and Sony didn't even know about it. The words "We take peoples information/credit cards seriously" all of a sudden seems more like "We don't give a shit about people!" and the newly appointed ‘chief information security officer’ position will likely be terminated when the media storm have blown over or have as escape goat when it happens again![/citation]

LOL - escape goat.

 

[reggieray]

[citation][nom]moricon[/nom]Sony have been on my BlackList for a while now after several bad products from them. I spent half a day changing my whole security setup after my account on PSN was compromised, and all I did was sign up to PSN so my GF could download games and comics to her old PSP.This is the last straw for me, I was just about to sign up to DC Universe but that is not going to happen now!At least it has made me re-work all my online passwords for every account, had a great time coming up with cyphers to create unique passwords for every site, so in that respect, thanks SONY![/citation]
Why? The only thing compromised was your PS3 account, how do you think all your other online accounts were affected?

 

[hoofhearted]

Sony just needs to announce that they are outsourceing their network to a new company, then create a new company. Do a dog an pony such as a firmware update, UI rewrite and having some catch phrases like "updating secure protocol" flash across the screen then all will be right as rain.

 

[damian86]

Well if this was a known vulnerability why thw hell did they not fix it or shut the network down before this happened!!! Best of all, u have to agree with 30 free days of psn plus!booo

 

[spleencat]

Why is nobody pissed at the hackers. They didn't have to do it. Vulnerability or not, it was their actions that have caused the trouble. They hurt not only Sony, but all of the people who use their network. Somebody in the Playstation community knows who did this. They owe it to their fellow gamers to finger the culprits.

 

[Camikazi]

[citation][nom]spleencat[/nom]Why is nobody pissed at the hackers. They didn't have to do it. Vulnerability or not, it was their actions that have caused the trouble. They hurt not only Sony, but all of the people who use their network. Somebody in the Playstation community knows who did this. They owe it to their fellow gamers to finger the culprits.[/citation]
The hackers are at fault, and no one will deny this, but seriously the hackers would not have succeeded if Sony knew how to keep up with and patch "known vulnerabilities" like every company should. Sony pissed off hackers, so hackers checked out and found out that Sony sucks at securing their network and shut them down, fault lies on both sides but more with Sony for allowing their network to go unpatched.

 

[servarus]

[citation][nom]Camikazi[/nom]The hackers are at fault, and no one will deny this, but seriously the hackers would not have succeeded if Sony knew how to keep up with and patch "known vulnerabilities" like every company should. Sony pissed off hackers, so hackers checked out and found out that Sony sucks at securing their network and shut them down, fault lies on both sides but more with Sony for allowing their network to go unpatched.[/citation]
Patched or not patched, when hackers wants to do it, they will. it's just the matter of how easy and how fast they can do it. So can't really blame it too much on Sony. Not that they are right too.

 

[Yuka]

[citation][nom]servarus[/nom]Patched or not patched, when hackers wants to do it, they will. it's just the matter of how easy and how fast they can do it. So can't really blame it too much on Sony. Not that they are right too.[/citation]

Would you be mad at your bank, if they tell you robbers got in to the main vault and got all your life savings? And then, after that, they tell you that the lock was broken and they knew it?

The Hacker is a robber/burglar, yes, off course; no one is telling otherwise. But for big companies to advertise "you can trust your personal information and credit card to us", for this to happen... You need to be mad at the company for doing a horribad job at keeping that advertised promise.

Cheers!