Update On PlayStation Network/Qriocity Services
Posted by Patrick Seybold // Sr. Director, Corporate Communications & Social Media
An external intrusion on our system has affected our PlayStation Network and Qriocity services. In order to conduct a thorough investigation and to verify the smooth and secure operation of our network services going forward, we turned off PlayStation Network & Qriocity services on the evening of Wednesday, April 20th. Providing quality entertainment services to our customers and partners is our utmost priority. We are doing all we can to resolve this situation quickly, and we once again thank you for your patience. We will continue to update you promptly as we have additional information to share.
Thank you for your patience while we work to resolve the current outage of PlayStation Network & Qriocity services. We are currently working to send a similar message to the one below via email to all of our registered account holders regarding a compromise of personal information as a result of an illegal intrusion on our systems. These malicious actions have also had an impact on your ability to enjoy the services provided by PlayStation Network and Qriocity including online gaming and online access to music, movies, sports and TV shows. We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week.
We’re working day and night to ensure it is done as quickly as possible. We appreciate your patience and feedback.
Valued PlayStation Network/Qriocity Customer:
We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:
1. Temporarily turned off PlayStation Network and Qriocity services;
2. Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
3. Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.
We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.
Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.
For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.
To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:
U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit www.annualcreditreport.com or call toll-free (877) 322-8228.
We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a “fraud alert” on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.
Experian: 888-397-3742; www.experian.com; P.O. Box 9532, Allen, TX 75013
Equifax: 800-525-6285; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241
TransUnion: 800-680-7289; www.transunion.com; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790
You may wish to visit the web site of the U.S. Federal Trade Commission at www.consumer.gov/idtheft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or www.ncdoj.gov. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or www.oag.state.md.us.
We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions.
Sincerely,
Sony Computer Entertainment and Sony Network Entertainment
Q: Will our download history/friends list/settings be affected by the PSN downtime?
A: No, they will not.
Q: Will trophies that were earned in single-player offline games during the outage be intact when the service resumes?
A: These trophies are intact and will be re-synched when the network is once again operational.
Q: Will my PS+ cloud saves be retrievable?
A: Yes, once PSN is restored.
Q: What if we have a subscription to PS3 MMOs DC Universe Online or Free Realms? Will we get compensation for that?
A: From Sony Online Entertainment: “We apologize for any inconvenience players may have experienced as a result of the recent service interruption. As a global leader in online gaming, SOE is committed to delivering stable and entertaining games for players of all ages. To thank players for their patience, we will be hosting special events across our game portfolio. We are also working on a “make good” plan for players of the PS3 versions of DC Universe Online and Free Realms. Details will be available soon on the individual game websites and forums.”
Q: Will there be a goodwill gesture for the time we haven’t been able to utilize PSN/Qriocity?
A: We are currently evaluating ways to show appreciation for your extraordinary patience as we work to get these services back online.
Notes handed out before a Sony press conference today (timed so conveniently at 1am EDT in the US, and noon on the Sunday of Golden Week in Japan) reveal that Sony plans to offer free downloads of unidentified "content," 30 days of free PlayStation Plus access to new and existing members, and 30 days of free Qriocity service. The paper also says that PSN service will be restored "soon."
Two days ago, a PlayStation Blog Q&A post mentioned that the company was considering a "goodwill gesture" to PSN users (and sure, why not Qriocity users too) put out by the two-week outage. The company will likely have to provide much more dramatic gestures to appease all the government organizations who have taken interest in the case (and, you know, that enormous data leak).
Sony "Executive Deputy President" Kaz Hirai has yet to take the stage, so there may be more details forthcoming, like the exact date of PSN reactivation. Follow along after the break for pseudo-liveblog coverage.
Sony guesses that hackers got into the network through an "application server," through which they were then able to get into the database servers and grab data.
Hirai estimates about 10 million PSN users with active credit cards tied to PSN. Security measures will include moving to a new physical data center, more firewalls, and a new "Chief Security Officer." And, of course, a PS3 firmware update. Passwords will only be changeable through the same PS3 that the account was started on, or through a verified email address. Hirai asks you to "be vigilant" and check your credit card statements. Good advice!
Sony will not contact you under any circumstances asking for your credit card number or other personal info. So if someone claiming to be Tom Sony asks for your credit card verification code, you're getting scammed!
Sony is "considering" covering the costs of credit card replacement for affected users. The company is instituting a "welcome back" program including free downloads of selected content, 30 days of free PlayStation Plus for new and existing users, and -- for Qriocity members -- 30 days of free services.
Hirai just called out Anonymous as having attacked Sony by releasing personal info about executives and family members. Sony will cooperate with law enforcement and other organizations to secure data and ensure safety. The fact that this note came right after the Anonymous thing suggests that they'll work with law enforcement to track those kids down too.
Nikkei just asked if all 10 million credit cards got out. Hirai said "we can't rule out the possibility" that credit card info was compromised, but Sony hasn't received any reports of illicit card info usage. Another exec on stage said that all Sony knew on April 20 was that there may have been an intrusion.
Hirai just reminded us that it's not really 78 million people whose info got stolen, because some of those 78 million accounts are duplicate accounts for the same person. He refrained from providing details of the investigation, because the case has just started. But he did say that "not to his knowledge" has Sony been working with law enforcement agencies out of the US, but they have brought "inquiries" to Sony.
The vulnerability in the web server was a known vulnerability for that particular type of server, one of the execs on stage said.
Hirai defended the long response time by saying that Sony took the PSN down as soon as something was shown to be wrong, but analysis took time. "Once we became aware of the situation, we moved promptly to warn customers."
A reporter asked what the purpose of the "intrusion" was. Hirai: "For the past month and a half, we've experienced attacks on various Sony systems. We have yet to identify a direct relationship with a group." Speculation about the objective: "We are not in a position to say one way or the other." That same reporter asked if passwords were encrypted. I believe (translation not being perfect) that Hirai said they were not.
If customers wish to cancel their services, Sony will cooperate in good faith.
Sony has to "keep the integrity" of its system to continue to encourage content creators to create products for PlayStation, Hirai says. Protection of customer information has always been part of the plan since the PS2 network. But now Sony has to "review" its system.
Another exec says Anonymous has attacked "repeatedly," but Sony doesn't know who is behind the recent attacks.
A reporter just asked why Sony Japan was slower to disclose the news than SCEA. Backhanded pat on the back, PlayStation Blog US. Hirai said SCEJ is looking into deploying a PS Blog for Japan.
Because the freebie content will be different by region, Sony was hesitant to put a price on it, but Hirai estimated "a few thousand yen" worth of free downloads. So like $20-25 or so?
In response to a question about install base, Hirai said 37 million PS3 systems are connected to PSN, and 16 million PSP units, but the total install base is larger. Sony isn't disclosing the userbase for Qriocity yet.
Why not hold a press conference on April 27, when the announcement was made? That's the question we all want answered ... according to Hirai, Sony wanted to have an estimate about resumption of services before holding a conference.
In response to concerns about future security, Hirai pledged that Sony will "do its best" to ensure secure data. If that helps.
"If there are, in the days ahead, damages suffered by customers, they will be dealt with on a case-to-case basis," Hirai says.
The evening's final question: what is Hirai's view about the relationship of this case to Anonymous? Hirai says there's "no certainty" of a connection. "It's not intended that they were implicated in any way" regarding this intrusion.
Posts
Well, it's kept me from the PSN Store, and also trying out that new music streaming program, its name escapes me.
can't play
back to crysis 2 on the PC it is
it gives me a chance to explore all of the single player games i've barely touched
BLOGGU~
And IF tons of credit cards were stolen, this doesn't just hurt Sony and its customers, digital distribution as a whole stands to lose a lot. How many parents will refuse to get their kid stuff on Wiiware or Steam after hearing about the PSN hacks? How many fewer people will decide it's just not worth the risk at all with smaller storefronts like green man gaming and the like? Won't this make it all the harder for indie devs whose only chance to get their game out there is digital distribution?
3DS Friend Code: 2165-6448-8348 www.Twitch.TV/cooljammer00
Battle.Net: JohnDarc#1203 Origin/UPlay: CoolJammer00
I almost hope they lost the account history and are shitting their pants about having to tell their customers, "Sorry, tough shit. All your previously purchased PSN games, PS1 originals, and DLC just poofed. We'll happily resell them to you at very reasonable prices, though!" Just because that could basically strangle console DD in its crib, and that would be fucking awesome.
I would strangle something all right. I've spent hundreds on PSN and Steam.
Why the hell would you wish for that evil?
// Switch: SW-5306-0651-6424 //
And if they did lose all the DD records, Sony would be hugely screwed in a lot of ways. They obviously couldn't offer to sell content to people who already bought it and would have to offer either some sort of cash/credit compensation for the lost content or replace it for free. But since they lost the records, trying to get everything back to even most people would be hellish.
Really, really doubt they lost the DD records, though. I'd be much more inclined to think it's some overlooked major error that cascaded through their system, a result of an effort to counter the recent piracy breakthroughs, or a result of trying to implement that Steam stuff that's been talked about. I'd consider those all a lot more likely than losing the equivalent of financial transaction data for millions of customers.
Because some people are bloody idiots?
COME FORTH, AMATERASU! - Switch Friend Code SW-5465-2458-5696 - Twitch
It's sorta like that Facebook thing. They don't go offline ever. Once they do, the reputation is irreparably broken. All that is needed to break the back on these vast digital stores is one big card heist.
'Go offline and fail horribly' is an event which does fall under the purview of 'Everything'. So really their slogan is accurate, at least.
To be honest, I'm starting to get concerned for Sony as a videogame company now. With Move underperforming, the PSPGo gone, 3D TVs doing middling at best, my personal doubts about the NGP, and now this...
I'm not saying outright DOOOOOOM or anything, but I just don't see the video game aspect of their business being healthy any time soon.
As for software, all the best selling Move games are Dualshock+Move option.
(It's not the single best FPS controller, better than/as good as KB&M, for nothing.)
Edit: Yeah, assuming thefts took place.
Sadly, it DOES affect Hulu Plus.
Some old lady who likes Move may be pretty ignorant, but anybody who goes into a store and actually sees the different consoles will pretty clearly identify them as separate things and not one big glob. I know we like to hate on the mainstream folks, but they actually do have more than two brain cells to rub together; if a brand of TVs suddenly broke everywhere tomorrow, who would people blame? Every TV manufacturer everywhere or just that one manufacturer?
And the credit card thing is almost certainly a non-issue. If that happened and Sony waited this long to inform people when Sony knew right away, they would get court-raped for years and years without the consumers even getting involved. Sony knows that kind of pain all too well.
I don't necessarily want DD to die; I just hope it doesn't get strong enough to kill off physical media in gaming.
The first is Sony accidentally deleting everything. Which I'm taking to mean the entire infrastructure, all account data, etc.
The second is a massive hacking on the service that went so far as to take people's credit card infos.
So my take on this; I was expecting it to be Anonymous and wouldn't care one way or the other if it was, but them putting out a statement that it wasn't them is a little surprising. I'm with them on the (high) possibility that Sony is just using an 'outside intrusion' being the cause while they try to smooth things over.
This isn't Earl's Byte Shack of Boogerville, Wyoming here, this is a ginormous, worldwide service.
Edit: If credit cards have been breached, and it turns out Sony didn't tell us and all the banks immediately, I'm going to be very, very pissed. As bad as breaches like that are, it's worse to just sit there and let people lose money knowingly.
Yeah, more households depend on the PSN than, say, Steam or GFW.
Edit - Or rather, if they aren't more dependent on it, it's a more common-home placing of DD.
Providing and not securing a means of pirating software is a pretty valid reason for Sony to fall silent and shut down everything. It's not something they'd want to broadcast - though I think the custom firmware in question has been public since February.
It's only a rumor, mind you, but if it were true, they would get fucked pretty hard in the courts for failing to inform the public immediately. I can't imagine what sort of preparation they could make, withholding the info, that would make it less bad for them, because it's easy to see how it makes it worse for them.
I'd just say, all you guys keep a close eye on your bank records for a while. Just in case.
I would believe that if the downtime was a day or less, but this has gone on for far too long for that to be a viable explanation.
"Ah-ha! Once again, the conservative offline-heavy portfolio pays off for the hungry gamer!"
Sometimes, it's good to know that I can play a game even with all of this going on. I feel like, if ripples aren't already happening in the industry and digital distrib., they're going to happen at some point.
Pokemon White Friend Code: 0046-2121-0723/White 2 Friend Code: 0519-5126-2990
"Did ya hear the one about the mussel that wanted to purchase Valve? Seems like the bivalve had a juicy offer on the table but the company flat-out refused and decided to immediately clam up!"
Also if this was the case wouldn't it just be easier/less damaging to just take down the developer networks while they sort this out instead of their whole online network?
Yeah, that's what I mean. Not doomed, but probably changed significantly. Without jumping the gun, this might prove to be a sharp lesson.
EDIT: And this obviously isn't the first time.
We had that explanation fairly fast, to contrast the situations. So, while I don't know the doom-scale on this, something bad has happened.
Every payment gateway provider I've integrated into various applications has a simple pattern to remove the possibility of a security breach on your systems leaking credit card info. You collect customer information and pass it to their gateway, which stores the sensitive bits and passes back an 'alias' key. You hang onto that alias and just use it whenever the customer buys something; the actual credit card info is never actually stored on your end.
At worst, a compromised system could allow someone to buy games using your alias...which would be really easy to track and reverse later.
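The alias pattern described in the post above, sketched as an added example; it is not part of the original post and not any real gateway's API. `Gateway`, `MerchantStore` and their methods are hypothetical names, and the card number is a constructed test value.

```python
import secrets

class Gateway:
    """Hypothetical payment gateway: the only party that stores card data."""
    def __init__(self):
        self._vault = {}   # alias -> (merchant_id, pan, expiry)
        self.charges = []  # audit trail: (merchant_id, alias, amount_cents)

    def tokenize(self, merchant_id, pan, expiry):
        # The alias is random, so it cannot be reversed into the card number.
        alias = "tok_" + secrets.token_urlsafe(16)
        self._vault[alias] = (merchant_id, pan, expiry)
        return alias

    def charge(self, merchant_id, alias, amount_cents):
        record = self._vault.get(alias)
        # An alias is bound to the merchant that created it, so a stolen
        # alias is worthless at any other merchant.
        if record is None or record[0] != merchant_id:
            return False
        self.charges.append((merchant_id, alias, amount_cents))
        return True

    def revoke(self, alias):
        self._vault.pop(alias, None)

class MerchantStore:
    """Hypothetical storefront: persists the alias, never the card number."""
    def __init__(self, merchant_id, gateway):
        self.merchant_id, self.gateway = merchant_id, gateway
        self.accounts = {}  # username -> {"alias": ..., "last4": ...}

    def add_card(self, username, pan, expiry):
        alias = self.gateway.tokenize(self.merchant_id, pan, expiry)
        # Only the alias and the last four digits (for display) are kept.
        self.accounts[username] = {"alias": alias, "last4": pan[-4:]}

    def buy(self, username, amount_cents):
        alias = self.accounts[username]["alias"]
        return self.gateway.charge(self.merchant_id, alias, amount_cents)

    def dump(self):
        """Everything an intruder with full read access to the store gets."""
        return repr(self.accounts)

def demo():
    pan = "4111111111111111"  # constructed test number, not a real card
    gw = Gateway()
    store = MerchantStore("store-a", gw)
    store.add_card("alice", pan, "12/30")
    legit = store.buy("alice", 1999)
    alias = store.accounts["alice"]["alias"]
    # Worst case from the post: the compromised store itself is used to
    # place an order with the alias. The gateway's audit trail records it.
    store.buy("alice", 5999)
    return {
        "pan_in_dump": pan in store.dump(),
        "legit_purchase": legit,
        "alias_at_other_merchant": gw.charge("store-b", alias, 5999),
        "fraud_visible_in_audit": ("store-a", alias, 5999) in gw.charges,
        "charge_after_revoke": (gw.revoke(alias), store.buy("alice", 100))[1],
    }

if __name__ == "__main__":
    print(demo())
```
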