| Mail |
You might also like: WoW Insider, Joystiq, and more

Reader Comments (78)

Posted: May 2nd 2011 8:59PM Joystiq Login Bugs SUCK said

  • 2 hearts
  • Report
@Fakeassname Bank account numbers were also stolen. Those never expire.
Reply

Posted: May 2nd 2011 6:48PM Integral said

  • 2 hearts
  • Report
This is just irritating as hell.

Posted: May 2nd 2011 6:49PM warpax said

  • 2 hearts
  • Report
why in the world would they keep an "outdated database" from 2007 with credit card numbers on it and keep it unsecured. That is definitely negligence on their part and completely SOE's fault

Posted: May 2nd 2011 7:54PM aurickle said

  • 2.5 hearts
  • Report
@warpax
Unsecured? The point of a hack is to capture information believed to be secure. SoE did not think the data was at risk.

Let's say you have a house where you lock the doors when you leave, arm the security system and have gone so far as to put bars on all the windows. However, someone tunnels in through the basement and steals your computer. You'd thought it was secure and had gone to considerable lengths to make it so. Yet someone outsmarted you. Is that your fault?
Reply

Posted: May 2nd 2011 8:32PM absolutturkey said

  • 2 hearts
  • Report
@aurickle THIS x 1,000,000! All the IDIOTS on this board seemed to forget that Sony did nothing wrong! The people that hacked Sony's network did. If anyone here wants to blame Sony for this go ahead! But tell me where you live so I can break into your house. Then we can blame you and label you incompetent for letting me break into your house in the first place.
Reply

Posted: May 2nd 2011 9:11PM Joystiq Login Bugs SUCK said

  • 2.5 hearts
  • Report
@aurickle There are some rather strict laws to do with protecting credit card numbers. SOE had an old file of these remain on their systems after they contracted non-USA billing to GC in 2008.

At the time outsourced their billing for non-USA customers that data should have been purged. They didn't they kept it.

There was no excuse in retaining the information and in fact laws have been broken by them doing that.

All the comparisons in the world to a burglar breaking into your house will never change the fact that you had the crown jewels stored on your dinner table instead of inside the Tower of London where they belong.
Reply

Posted: May 2nd 2011 10:46PM Kaoss said

  • 2 hearts
  • Report
@aurickle Dude you're looking at it all wrong. If it is that persons job to protect the computer and they're getting paid lots of money to protect that computer then it is most certainly their fault.

You keep trying to make it look like some poor little guy got robbed and there was nothing he could do about it, on the contrary, you're paying 10 security guards to do nothing in life but keep that computer safe. That computer gets stolen it is their fault end of story.
Reply

Posted: May 2nd 2011 11:00PM darrenkitlor said

  • 2 hearts
  • Report
@absolutturkey So, if you bank left you credit card or bank account information unencrypted, you'd quickly forgive them for not securing it properly?
Reply

Posted: May 3rd 2011 1:21PM (Unverified) said

  • 2 hearts
  • Report
@aurickle
Except of course that to be PCI DSS compliant (which all companies who deal with credit cards online should be), credit card data should be destroyed after 18 months.
Reply

Posted: May 2nd 2011 6:51PM Royalkin said

  • 2 hearts
  • Report
This huge error, coupled with the FF debacle, will seriously hurt Sony, or at least their stock anyway.

Posted: May 2nd 2011 6:58PM Utakata said

  • 2 hearts
  • Report
Something inside of me suggests that SOE's ongoing issues may be the result of glaring incompetence as well as ambitious hackers.

Posted: May 2nd 2011 7:03PM Yellowdancer said

  • 2 hearts
  • Report
Well, bye bye DCUO and Vanguard...this will pretty much put the death nail in their two lowest sub games.

Posted: May 2nd 2011 7:13PM Zantom said

  • 2 hearts
  • Report
@Yellowdancer

DCUO? I haven't read that their sub counts were low. I did see something about them lowering their server counts, but they had a "super server" spin on that...
Reply

Posted: May 2nd 2011 7:12PM warpax said

  • 2 hearts
  • Report
Read the press release.. it goes into a bit more detail... doesnt look good at all

http://www.soe.com/securityupdate/pressrelease.vm

Posted: May 2nd 2011 7:46PM Fakeassname said

  • 2 hearts
  • Report
@Yellowdancer

depends on the provider, thats why I said "most."

one card that I got 2008 still doesn't expire till next year, while another one that I got last year expires in July. Five years tends to be the absolute max while the lowest I've seen has been 6 months. on average I think most providers range from 2-3 years so that they are neither floating old card numbers nor constantly shipping out new ones.

but even at 5 years, that only applies to cards that were registered with SOE the same year that they were issued. in this case that would have to be after April 2007, but before January 2008. anything newer than that wouldn't be on that file, and anything older than that would have expired before the hackers got their hands on them.

credit cards expire explicitly for this type of event, the longer that a specific card is active; the more likely it is to get compromised.

purely debit based cards (with no option for "credit" transactions) are more dangerous because they are just supped up ATM cards and thus have no expiration date, however almost ALL debit cards come with some form of Credit function by default and thus are subject to the same expiration date functionality as full credit cards. so pretty much every single one of those debit transactions are more than likely bound to an expired card anyway.

Posted: May 2nd 2011 8:50PM Yellowdancer said

  • 2 hearts
  • Report
@Fakeassname

The PC version is a wasteland. The game fell on its face.

The PS3 side is doing better on the PvP servers. The PvE servers are mostly low.

Game is not doing well at all.
Reply

Posted: May 2nd 2011 9:02PM Fakeassname said

  • 2 hearts
  • Report
@Yellowdancer

what?

I'm talking about the credit card leak ...
Reply

Posted: May 2nd 2011 9:20PM (Unverified) said

  • 2 hearts
  • Report
@Fakeassname

I think he meant to reply to @Zantom.
Reply

Posted: May 2nd 2011 7:49PM aurickle said

  • 2 hearts
  • Report
I see that all current customers are being given a month of free time, plus an additional day for every day that the game is down. That's pretty generous.

On top of that, they're helping those customers who are identified as victims of the more intrusive thefts enroll in identity protection programs. That's a step above simply saying they recommend such action.

Posted: May 2nd 2011 8:01PM Zantom said

  • 2 hearts
  • Report
@aurickle

I missed where it is stated a month free and additional days... Is it in the original statements?
Reply

Featured Stories

Engadget

Engadget

Joystiq

Joystiq

WoW Insider

WoW

TUAW

TUAW