psn-outage-2011
Latest
Court approves settlement over Sony's 2011 PSN breach
The US District Court for the Southern District of California approved a settlement for the class action lawsuit resulting from Sony's 2011 PSN data breach. The settlement may result in Sony doling out as much as $17.75 million, which includes an offer for one free game (PS3 or PSP only), three PS3 themes or credit for three months of PlayStation Plus membership (valid only for new subscribers). The claimant groups are divided based on whether PSN account holders prior to May 15, 2011 took advantage of the "Welcome Back" program following the intrusion. Those that did not accept the PSN Welcome Back offer can claim two of the benefit options among the games, themes and PS Plus membership credit on a first come, first served basis until a $6 million allocation from Sony is reached. For those that did take advantage of the program, they will receive one of the benefits above until a $4 million allocation is reached.
Sony drops appeal for ICO-issued 2011 data loss fine
Sony dropped its appeal and will therefore have to pay a £250,000 fine issued by the UK Information Commissioner's Office related to a massive data breach on PSN in April 2011. ICO issued the fine in January 2013, calling the hack a "serious breach of the Data Protection Act." "After careful consideration we are withdrawing our appeal. This decision reflects our commitment to protect the confidentiality of our network security from disclosures in the course of the proceeding," a Sony representative told V3. "We continue to disagree with the decision on the merits."
PSN hacking suspect sentenced to house arrest for destroying evidence
This week, 23-year-old Ohio resident Todd M. Miller was sentenced to a year of house arrest for destruction of evidence and obstructing a federal investigation into a 2008 hacker-led PlayStation Network breach. The Columbus Dispatch reports that US District Judge Peter C. Economus said Miller was a member of the KCUF hacking clan in 2008 when the group organized an attack on the PlayStation Network, potentially compromising user data. The FBI contacted Miller while investigating another hack in 2011 that resulted in an extended PSN outage. After obtaining a search warrant, the FBI entered Miller's home to find that his computers were smashed and his hard drives were missing. Lacking evidence to bring up Miller and another suspect on hacking charges, the FBI instead charged Miller with obstructing the investigation. While Miller faced up to 20 years in prison and a $250,000 fine, he was sentenced to three years of probation and a year of house arrest for obstruction of justice. The judge additionally ordered Miller to obtain a high-school equivalence certificate, as part of his sentencing.
PSN class action settled in Canada, users can claim benefits
While payouts are still pending the Ontario Superior Court of Justice, Sony has settled in a class action lawsuit over the PSN hack and outage in 2011. If you were affected by the outage (i.e. if you had a PSN, Qriocity, or SOE account in 2011, and you're in Canada) you can fill out a claim form here.If you stopped using your PSN account after the hack, you can ask for the contents of your wallet to be reimbursed. If you kept your PSN account and participated in the "Welcome Back" promotion, you can choose an additional game from a list consisting mostly of the "Welcome Back" games, or you can choose three dynamic PSN themes, or half off three months of PlayStation Plus. Qriocity accounts are entitled to one additional free month. SOE accounts can request repayment of wallet balances for no-longer-used accounts, or $4.50 in "Station Cash."There is a separate claim form for PSN users who suffered losses from identity theft as part of the hack.
UK government fines Sony for 'serious' 2011 PSN breach, Sony to appeal
The UK Information Commissioner's Office has fined Sony £250,000 for the offense of having been hacked in 2011. The office called the infamous PlayStation Network hack "a serious breach of the Data Protection Act."The ICO found that the attack was preventable "if the software had been up-to-date," and passwords were not sufficiently protected. "The penalty we've issued today is clearly substantial," said Deputy Commissioner and Director of Data Protection David Smith, "but we make no apologies for that. The case is one of the most serious ever reported to us. It directly affected a huge number of consumers, and at the very least put them at risk of identity theft."Sony plans to appeal the ruling, according to a statement passed on by BBC reporter Steph McGovern.
Class action lawsuit from PlayStation Network hack mostly dismissed
Federal Judge Anthony Battaglia dismissed several key claims of a class action lawsuit leveled against Sony after 2011's PSN hack. Battaglia's order dismissed such claims as negligence, restitution, unjust enrichment, bailment and violations of California consumer protection statutes, Courthouse News reported.Battaglia found that Sony didn't violate consumer protection laws because "none of the named plaintiffs subscribed to premium PSN services, and thus received the PSN services free of cost." Additionally, the privacy policy that all subscribers signed included "clear admonitory language that Sony's security was not 'perfect,'" and "no reasonable consumer could have been deceived."The bailment charge was dropped because "plaintiffs freely admit, plaintiffs' personal information was stolen as a result of a criminal intrusion of Sony's Network," Battaglia wrote. "Plaintiffs do not allege that Sony was in any way involved with the Data Breach."Battaglia offered the class an option to amend its claims for injunctive relief and violation of consumer protection law.
How GeoHot went from winning science fairs to instigating the hacker war
Hackers built the Internet. Throughout the 1970s and '80s hackers altered the Internet from a strictly business communications system for the defense department and librarians into a robust online community for anyone with a computer to use as they pleased. The Internet and computer technology is still evolving, perhaps at a a faster, more public rate today, and hackers are still at the forefront of its design. Hackers such as Geohot, the guy who rooted Sony's PS3 early last year.George Hotz posted the PS3 root key online with a statement reading "I don't condone piracy" in January 2011 and it spread online. Geohot became an unsuspecting martyr in the hacker community when Sony sued him and won an injunction barring him from ever tampering with a Sony product again. Thus began the hacker wars, The New Yorker suggests in a biographical run-down of 2011's events.Hotz was brilliant in science and technology fields throughout middle and high school, winning $15,000 at the Intel International Science and Engineering Fair in 2007 and appearing in Forbes and on The Today Show for his technological achievements.He hacked the PS3 master key while he was high on OxyContin and Vicodin. He didn't condone or participate in any of Anonymous' hacks into Sony's servers, and since his online spotlight has faded he's worked for Facebook, quit and run amok in Panama, and met with Sony engineers curious about his methodology. He has reminders to "Call therapist" on his whiteboard. Geohotz is human, The New Yorker makes sure to point out.The full story is available here, or we figure you can just watch this eerily similar dramatic recreation of an antisocial programmer's rise to fame. They're both human, after all.
Lawsuit filed against Sony's anti-lawsuit provision
A class-action suit filed in a California court late last month seeks to reverse Sony's forced prevention of class-action suits, which the company buried in a mandatory PSN update, following the PSN security breach earlier this year. Gamespot reports the suit claims Sony engaged in unfair business practices by forcing consumers to choose between giving up access to PSN or the right to a class-action lawsuit over hardware they purchased. The suit also calls out Sony for only allowing consumers to opt-out of the class action provision by snail mail, rather than any modern communication method. We've contacted Sony for an official statement about the suit. Update: A Sony representative informed us, "We don't comment on pending litigation."
New PS3 Terms of Service aim to prevent class-action lawsuits, are part of mandatory PSN update
Unsurprisingly, the nearly month-long PlayStation Network outage and related security breach resulted in the inevitable class action lawsuit. And while that's fair game, Sony isn't taking it lying down. The Japanese consumer electronics giant has amended its online gaming service's Terms of Service – that's the giant wall-o-text that consumer have learned to gloss over while hunting for the "Agree" action. Sony's solution: Why, a mandatory system update, of course! The next time users log into PSN, they'll be greeted with the all-too-familiar request to update their consoles; however, this update includes the aforementioned new Terms of Service which, amongst other things, include the following notable enhancement: ANY DISPUTE RESOLUTION PROCEEDINGS, WHETHER IN ARBITRATION OR COURT, WILL BE CONDUCTED ONLY ON AN INDIVIDUAL BASIS AND NOT IN A CLASS OR REPRESENTATIVE ACTION OR AS A NAMED OR UNNAMED MEMBER IN A CLASS, CONSOLIDATED, REPRESENTATIVE OR PRIVATE ATTORNEY GENERAL LEGAL ACTION, UNLESS BOTH YOU AND THE SONY ENTITY WITH WHICH YOU HAVE A DISPUTE SPECIFICALLY AGREE TO DO SO IN WRITING FOLLOWING INITIATION OF THE ARBITRATION. THIS PROVISION DOES NOT PRECLUDE YOUR PARTICIPATION AS A MEMBER IN A CLASS ACTION FILED ON OR BEFORE AUGUST 20, 2011. Naturally, this change isn't going to sit well with consumers but it is in Sony's best interest to try any and everything it can to protect itself from retaliation if and when this happens again. Sony's Patrick Seybold addressed the change, saying, "This language in our TOS is common and similar to that of many other service related Terms of Service Agreements. It is designed to benefit both the consumer and the company by ensuring that there is adequate time and procedures to resolve disputes." You can opt out of this easily, by just ... sending a letter? Sony is keeping things simple, and offers this easy opt-out method: RIGHT TO OPT OUT OF BINDING ARBITRATION AND CLASS ACTION WAIVER WITHIN 30 DAYS. IF YOU DO NOT WISH TO BE BOUND BY THE BINDING ARBITRATION AND CLASS ACTION WAIVER IN THIS SECTION 15, YOU MUST NOTIFY SNEI IN WRITING WITHIN 30 DAYS OF THE DATE THAT YOU ACCEPT THIS AGREEMENT. YOUR WRITTEN NOTIFICATION MUST BE MAILED TO 6080 CENTER DRIVE, 10TH FLOOR, LOS ANGELES, CA 90045, ATTN: LEGAL DEPARTMENT/ARBITRATION AND MUST INCLUDE: (1) YOUR NAME, (2) YOUR ADDRESS, (3) YOUR PSN ACCOUNT NUMBER, IF YOU HAVE ONE, AND (4) A CLEAR STATEMENT THAT YOU DO NOT WISH TO RESOLVE DISPUTES WITH ANY SONY ENTITY THROUGH ARBITRATION. We'd love to know what kind of postcard you're using for this letter and, as Ars Technica points out, you may want to get signature and tracking service. For more thrilling reading from the new Terms of Service, head on past the break where we've embedded the entire thing, with changes marked in red.
Sony names former US Homeland Security official Philip Teitinger as 'Chief Information Security Officer'
Though Sony's initial reaction to the enormous PlayStation Network breach earlier this year may have been less than stellar, the company responded in force as time went on, even vowing to hire a "Chief Information Security Officer" eventually. This morning, the company named the person filling that position: former director of the US National Cyber Security Center Philip Reitinger. Serious business! Reitinger is actually filling two roles, as he's been hired on as senior vice president as well as chief information security officer, reporting to executive VP and general counsel Nicole Seligman. A Sony spokesperson reconfirmed that the appointment of Reitinger was due to this year's PSN breach, and specifically noted, "We are looking to bolster our network security even further." May we suggest hiring a certain superhacker known as "Zero Cool"?
Stringer: PSN bouncing back after this year's attack
PlayStation Network has had a hell of a time with public relations this year. After the well-publicized attack on the service (which potentially exposed the personal information of millions of users), Sony has done everything it can to regain the trust and goodwill of its customers. It would seem those efforts appear are paying off, according to claims conveyed by CNET. The site reports that Sony CEO Howard Stringer recently addressed the subject at the IFA conference in Berlin, saying that PlayStation Network is "more secure and better than ever." He added that the company is working to expand the service, which has added 3 million new customers since the attack. Furthermore, Stringer noted that PSN sales have actually increased relative to pre-attack levels. According to Stringer, "the summer of our discontent is behind us."
Sony's Tim Schaaff: PSN outage was a 'great learning experience'
We suppose that after having your 77 million-user-strong gaming and shopping network shut down for close to six weeks, you learn how to see the silver lining on even the darkest clouds. For instance, Sony Network Entertainment president Tim Schaaff recently spoke at the GamesBeat 2011 conference about the PSN downtime, and said Sony is "very pleasantly surprised by the experience," explaining that, "the customers have all come back, and network performance is better than ever, sales are better than ever." Though the downtime cost Sony an estimated $171 million, Schaaff added, "It's been a great experience," and later clarifying, "I would not like to do it again. One time was enough. Great learning experience." We agree! Without the ability to play games online on our PS3s for a month and a half, we had time to learn all kinds of stuff, like rollerblading, flying a kite, and some very basic ukulele techniques.
Sony extends identity-theft protection registration through July
Sony has extended the registration period in the United States for its identity-theft protection service, AllClear ID Plus, which will provide one year of free, intensive security coverage for PSN and Qriocity users. Registration will now run until July 31 (at 11:59:59 p.m. CST, Sony has been sure to clarify), right from the US PlayStation website. The offer initially ended June 28, so sign up now while this armored, bullet-proof window of opportunity is still open.
PlayStation Store returns to Japan July 6
Good news for those of us waiting to log into our Japanese PSN accounts and pick up more freebies! Oh, and also for people who actually live in Japan. Sony has finally straightened out all the issues holding back the relaunch of the PlayStation Store there, and will fully reactivate the store, Qriocity, and all other inactive services on July 6. Japan is the last region to be reactivated, according to Sony; thus, with the renewal of all of the PSN services, Sony can now claim that the PSN is back. And we can soon claim our copy of Echochrome.
Report: Sony CEO Stringer asked to step down by shareholder
During a Q&A session at Sony's annual shareholder meeting last night, an investor asked CEO Howard Stringer why he was still there. Okay, it wasn't that abrupt, but according to AV Watch's report of the proceedings, an investor did call for a change of leadership, due to lowered trust and stock prices after the PSN data breach. Stringer responded by saying the question was understandable, and then apologized for the inconvenience (again). He said Sony is working to strengthen its information management systems to their "maximum." Stringer also told shareholders that, following the resumption of PSN services, 90% of users have returned. Presumably, that's 90% of the users who can return, a group that doesn't include anyone in Japan since PSN access (specifically the store) hasn't been fully reactivated.
Class action lawsuit alleges Sony layoffs made PSN vulnerable
A class action suit was filed this week in San Diego, alleging that Sony made its online services less safe by laying off important staff just before the April security breach. The suit, against Sony Corporation of America, Sony Computer Entertainment America, Sony Pictures Entertainment and Sony Network Entertainment International, is based on testimony from confidential witnesses (ex-Sony employees) who claim that Sony knew its security was compromised due to previous, smaller-scale intrusions. An SOE platform engineer claims that "Sony's technicians only installed firewalls on an ad-hoc basis after they determined that a particular user was attempting to gain unauthorized access to the network." The suit also alleges, as stated by another confidential witness, that Sony "spent lavishly" on security measures for its own PS DevNetwork, but didn't put the same effort or budget into securing users' data. Sony Online Entertainment enacted large-scale layoffs in March of this year -- just weeks before the massive data breach. One witness quoted in the claim said that those layoffs included staff from the company's Network Operations Center, which would have been instrumental in addressing a data breach.
Three arrests made in connection with PSN hack
The New York Times reports that the Spanish police have picked up three suspects in connection with the PSN hack that brought the network down over the last month and a half. The arrests include one man in the city of Gijón who allegedly had a computer in his house that was used to attack PSN. The same computer was reportedly involved in attacks on Spanish banks and other entities. The other two arrests took place in Valencia and Barcelona, but no further information was provided. Spain's National Police, according to NYT, claim that the three suspects were part of the "local leadership" of the hacking group Anonymous, and that the police found its suspects by analyzing chat logs and web pages. The arrests were made as part of an investigation that began in October of last year following a hack on the Spanish Ministry of Culture website. Anonymous has previously denied official involvement with the PSN hack, though some members have speculated that the attackers were likely connected to the group. [Thanks, David!]
SCEA president Jack Tretton apologizes for PSN breach and outage
With surprising candor, Sony Computer Entertainment Americal president Jack Tretton kicked off the Sony E3 2011 press conference with a formal apology for the PSN breach and outage which plagued the system earlier this year. Check out a video of his statements after the jump.
PlayStation Network's 'Welcome Back' content now available
Sony is currently rolling out the content previously detailed in its "Welcome Back" package in North America. A post on the US PlayStation Blog details as much, and dishes out a lengthy FAQ on the offerings. First and foremost, if you weren't a PlayStation Network user before April 20, 2011, you're out of luck. For the rest of us, PS3 owners can choose two free games from a list of five, while PSP owners can choose two free games from a list of four. To do so, head to the PlayStation Store and then to the "Welcome Back" area where you'll see the selection of titles (seen above). There's also a new free version of PlayStation Plus, which is the one free month everyone gets as part of the "Welcome Back" program. And finally, the promised free "On Us" films are also currently being offered, and will remain so throughout the coming weekend. You'll have one month to grab your free games and other content, as the Welcome Back tab will disappear after July 3, 2011. PlayStation Plus users will automatically have 60 extra days added to their subscriptions, Sony says. And though no details have yet been provided, "posts over the coming days" will apparently explain how the past month of missing content will be added to PSN. Update: The European "Welcome Back" content is now also rolling out, according to the EU PlayStation Blog. Update 2: As you might expect, things are a tad bumpy (especially on the PSP side of things, which isn't even showing a "Welcome Back" option for us), so maybe waiting an hour or two would be a good idea. Update 3: If you can't get your free games even though you used to be able to see them, we've got the fix from the EU PS Blog after the break!
Security expert says PSN still not safe
While Sony is busy welcoming its customers back to PlayStation Network, some aren't celebrating just yet. Speaking to IndustryGamers, security expert Gregory Evans said that PSN still isn't safe because Sony is "relying on the wrong people to secure their system." Specifically, Evans believes that Sony (and most companies) use "IT managers" instead of true security experts or, to put it a different way, hackers. IT managers, in Evans' estimation are "just book-smart people who went out and read a book and passed the test." He likened them to military infantry, trained only in basic skills, whereas hackers are more like highly skilled Navy SEALS. Evans would seem to be something of an expert on the subject ... having been to federal prison for hacking major companies like AT&T, Sprint and Worldcom. Evans now runs a security company, helping companies build more secure networks. Sony isn't a special case, however, as Evans noted that any online-capable gaming console is potentially at risk and no network is completely secure. He added further that "these attacks will continue to happen." So, happy gaming, everyone!
