Tobold's Blog
Thursday, April 28, 2011
I'm so happy I lied to them

I just got mail from the PlayStation Network:
Valued PlayStation Network/Qriocity Customer:

We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:
1) Temporarily turned off PlayStation Network and Qriocity services;
2) Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
3) Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state/province, zip or postal code), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence that credit card data was taken at this time, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
Fortunately for me the PlayStation Network is not very user friendly even if it works. When I created my account, it asked me what country I was living in. It turned out that if I said the truth, Belgium, I could only run the Playstation Network in Dutch or French. I really didn't want that, but the only way to get the thing to run in English was to pretend that I lived under a fictious address in the UK. That caused all sorts of hassle later, as then of course I couldn't use my credit card, but had to buy game cards to load up my PSN wallet and buy games. And bizarrly the Playstation Network account management doesn't allow you to change which country you live in, thus if you move to a different country you can't update your address.

But in consequence the PSN hackers got a fake address from me, and no credit card data. Enjoy!
Isn't German an official language there too? Why on earth would they physically limit it to two languages when the country in questions acknowledges 3 for official use?
Are you Flemish Tobold?

I just received the same e-mail - luckily I got a new credit card since a few months and I forgot to update the information in PSN :-)
In the US, we have something called the "rejection hotline." If you are being hit on by someone you are not interested in, you can give them the hotline number instead of your phone number. When they call, they will get a fairly direct message.

There are a frustrating number of places and websites that insist on getting your phone number when it is not at all appropriate in my opinion. Those people, I give the rejection hotline. I have given it out so many times, there's no doubt in my mind that at least a few of these places have called it.

I hope they understood the message.
Are you Flemish Tobold?

No, German. Unfortunately very few Belgian websites offer anything in the third official language of the country, as only 3% of Belgians are German-speaking.

In this time and age with expats everywhere, I find it unacceptable that a service forces you to use a local language just because you happen to live there.

As a consequence I can't use half of the multi-media services of the PSN. Having claimed to be English to get the language set to English, services like BBC Live Player show up on my PS3, but when I select them, they find out by my IP address that I am in fact in Belgium, and they block access.
Blasted Blogger just ate my long, detailed reply and I can't be bothered to retype it. Short version:

The BBC is paid for by a Licence Fee that is levied on everyone in the U.K. who has the capacity to receive a televison signal. In practice this is almost everyone, so it's virtuially a universal tax. Consequently, British popular opinion tends to be strongly against people outside the U.K. gettign services for free which we have to pay for.

The iPlayer has been especially controversial in this regard and the BBC has had to ensure it isn't freely available outside the U.K. You almost certainly have the BBC to blame for your I.P. address being blocked, not Sony.

Even Brits travelling or living abroad can't access the iPlayer as far as I know. I certainly couldn't last time I tried.

I should add that I personally am 100% in favor of the licence fee, which I happily pay even though I haven't watched television for more than a dozen years. I'd also be completely happy with everyone in the world having free access to waht I help to fund. Share the wealth!
I suppose you can at least be glad with the fake address to get access being relatively easy to do (minus changing it). Given the korean MMO's intensity at limiting everyone but Koreans from joining their MMOs thanks to asking for korean cell phone numbers, which are checked when registering, or even your korean social security number. Goodness gracious.

I would joke that "At least you know all your player base is Korean!" thanks to those levels of overboard but with enough sneaky and dedicated foreigners getting into those types of games anyway. Maybe nothing short of forcing you to drive down and registering for a new free MMORPG at the local government office will be instore...
I recall that you mentioned this before and I thought it was dumb then.

Especially as applied to Belgium. Both the EU and NATO have many of their administrative functions located in the country, so there a large number of foreigners living there.

So why the restriction?
In WoW I remember a friend who wanted to start a new toon with me utilizing the RAF. Sadly it turned out that WoW-EU allow this only to European customers leaving me and my friend stranded since we both are Saudies, we simply changed the country to UK and relied on prepaid cards for our gaming time and we enjoyed leveling up together, well not really he quit at level 62 or so while I continued with my toon up to max level.

This is starting to be sane policy by average consumers these days.

I have thought recently that every enrollment to online services should be with fictional data.

[this is why WOW was insisting on "real names" be used for for future Facebook integration, that way Facebook has your info to market to real users not aliases]

Companies are not securing data in an acceptable manner if it is not Credit Card related (due to Payment Card Industry Data Security Standard). And still the very gateways they use for marketing data sharing are being used to hack financial info too.

As consumers now we have no choice but to assume all vendors (unless it's a bank - and perhaps not then) are to be untrusted and given non-serious info.
Sony announced yesterday that all 25M SOE customers are also affected by this hack. That brings the total exposed to 100M. Quite possibly the largest breach ever.

Sony has shut down SOE for the moment. Since many SOE titles were just hanging on anyway this cannot be good for them.

Sony is also going to take a serious financial hit. At the very least this is going to cost them $1 billion, and probably closer to $10 billion.
Post a Comment

Links to this post:

Create a Link

<< Home
Newer›  ‹Older

  Powered by Blogger   Free Page Rank Tool