PSN Information has been compromised

[Icarus Moonsight]

I work in security... There is much liability that goes with that. Sony has blame in negligence. Data has value, financial data has among the highest value. So, Sony decided to keep all that data open and free without security, but they certainly lock down their content however they can. So it's not like they were not aware of the risk. I sincerely hope they loose their asses in legal fees and settlements and Jack Trenton winds up living in a 32" Wega box. They called it down on themselves. Idiots.

[Frankie_Says_Relax]

I work in security... There is much liability that goes with that. Sony has blame in negligence. Data has value, financial data has among the highest value. So, Sony decided to keep all that data open and free without security, but they certainly lock down their content however they can. So it's not like they were not aware of the risk. I sincerely hope they loose their asses in legal fees and settlements and Jack Trenton winds up living in a 32" Wega box. They called it down on themselves. Idiots.

Can you point us to some type of official reference (that isn't a hacker blog BBS or a chat log extolling that allegation) that details that Sony's severs are/were maintained "open and free without security"?

That concept seems absolutely and completely absurd. (Not to mention contrary to the public statement post investigation that all credit card data was maintained in an encrypted state and determined to have not been compromised.)

If it is true I'd love to see proof.

Certainly a chance to alter my opinion on this matter!

[Icarus Moonsight]

If it is true I'd love to see proof.

If it is true, yes. I'm taking it at face value at this point, if it turns up jack, then fine. I by no means regard the parties that intruded into their system as innocent or heroic (they violated Sony property and if the CC# theft part is true, also stole or can potentially steal from their customers). They are liable for their actions, just as Sony could be liable for any lack of reasonable action or diligence. They were compromised and people have good reason to be concerned about their possible exposure. There needs to be loss in order to be owed damages.

[kupomogli]

On the PSN account information you can remove your credit card information. At this time it doesn't help people because the PSN is down, but say you add your card to purchase something on the PSN, then afterwards you remove the card. Would they be able to pull up credit card numbers of past transactions or just the credit cards that are on file, if they did happen to pull the cards.

[TonyTheTiger]

The part that concerns me about the crusade against Sony is that Sony isn't doing anything different from any other company/organization. Be it Nintendo, MS, Citibank, or the Federal Bureau of Investigation.

Of course the situation is balls. And of course there are ample reasons to be extra careful when you have sensitive personal information in your company systems. But the elephant in the room is that this could have been any company.

If Sony's security measures were decidedly substandard compared to other organizations that deal with sensitive data (or simply what's considered standard practice and "reasonable" behavior) then zoning in on Sony in particular would be more than justified. But I'm not sure that's the case. What I see is a game of hot potato. Sony just happened to be the schlemiel that was holding it when the music stopped.

That doesn't excuse the situation or kiss the boo-boo to make it all better but I think it says something when the name "Sony" in "Fuck Sony" or "I hate Sony" or "Sony screwed up" could easily be the variable "X."

[Frankie_Says_Relax]

Here is the official "welcome back" run-down from Sony.

http://blog.us.playstation.com/2011/...ble-this-week/

and here is the theme from Welcome Back Kotter to play while you read it:

http://www.youtube.com/watch?v=IGFwGwV1lZc

[The 1 2 P]

And it gets worse.

[Frankie_Says_Relax]

If it is true, yes. I'm taking it at face value at this point, if it turns up jack, then fine. I by no means regard the parties that intruded into their system as innocent or heroic (they violated Sony property and if the CC# theft part is true, also stole or can potentially steal from their customers). They are liable for their actions, just as Sony could be liable for any lack of reasonable action or diligence. They were compromised and people have good reason to be concerned about their possible exposure. There needs to be loss in order to be owed damages.

I'll be interested to see how it all plays out, and I completely agree with that assessment of things.

If there are any demonstrable losses by any party where this is concerned Sony should do what is needed to rectify those losses.