psn-outage-2011
Latest
PSN devs offer mixed reactions to cost of outage
As consumers scramble to deal with the ramifications (identity theft!) of the PlayStation Network breach and subsequent outage, PSN developers are struggling with anxieties of their own. "PSN being out definitely affects our bottom line," Q-Games Dylan Cuthbert told IndustryGamers, "but as long as the people who were going to be playing Shooter 2 and other PixelJunk titles will get right back in there playing them when it comes back up, we'll be happy and hopefully income won't be dented too much." That could prove to be a big "but" -- Cuthbert's comments came before we knew PSN users' personal information had been stolen and consumer trust in Sony perhaps irrevocably damaged. Speaking to Develop, a UK-based developer, wishing to remain anonymous, observed that "people will be a bit more wary about using their credit card on PSN, so obviously we're nervous about sales." "There may be a lot of people who won't want to spend their money through PlayStation Network now," the same developer added. "We're expecting a 5–10 percent drop in business." The dev estimated that the studio has already lost "thousands" in expected revenue.
Hulu Plus offers one-week credit to subscribers using PSN
Though it seems minor now compared to the loss of personal data, one unfortunate effect of the PSN outage has been the inability to watch Hulu Plus through the PS3. Even though you can still use the paid service through your computer's browser, the iPhone and other devices, Hulu has chosen to compensate users for the lost PSN time by issuing one-week credits via email. The credit can be redeemed any time over the next two weeks -- it would probably be best to wait until there's a PSN again. As a nice bonus, Hulu also assured users that "No personal Hulu Plus account information was compromised as part of the Sony intrusion." [Thanks, Jordan]
Sony: response to PSN outage was dependent on 'forensic analysis'
What happened after Sony pulled the plug on PlayStation Network, and before it finally alerted customers that their information had been compromised during an unlawful intrusion? According to SCEE head of communications Nick Caplin, writing in a post on the European PlayStation blog this morning, Sony's lackluster communication efforts were impeded because the company didn't immediately assume the worst. "There's a difference in timing between when we identified there was an intrusion and when we learned of consumers' data being compromised," Caplin says. He goes on to explain that Sony learned of the "illegal intrusion" on April 19 and "subsequently shut the services down," though the official FAQ he links to in his post claims that Sony found the breach "between April 17 and 19." Furthermore, Caplin says that after shutting down PSN and Qriocity, "It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach." There's your disparity. The FAQ further notes that services will remain down until Sony can "verify smooth operation" of its network, though the company is "working hard to resume the services as soon as we can be reasonably assured security concerns are addressed." It also notes that folks looking for refunds may be out of luck for the moment, as Sony "will assess the correct course of action" regarding such requests when "full services are restored." Beyond one US Senator politicizing Sony's info breach, the UK's Information Commissioner's Office also announced today that it would be questioning the company on the issue. "We are contacting Sony and will be making further enquiries to establish the precise nature of the incident before deciding what action, if any, needs to be taken by this office," the ICO said of its plans in a statement to Eurogamer.
Sony's failure to report data breach incurs CT Senator Blumenthal's wrath
Connecticut Senator Richard Blumenthal is "demanding answers" about why Sony Computer Entertainment of America failed to inform customers of the data breach of the PlayStation Network on April 20. "When a data breach occurs, it is essential that customers be immediately notified about whether and to what extent their personal and financial information has been compromised," Blumenthal said in a release. "Compounding this concern is the troubling lack of notification from Sony about the nature of the data breach." Of course, Sony just issued a statement that it says will be emailed to "all of our registered account holders" but, as we noted in our post, it's been nearly six days since the "intrusion" first took place. Blumenthal elaborated, "Although the breach occurred nearly a week ago, Sony has not notified customers of the intrusion, or provided information that is vital to allowing individuals to protect themselves from identity theft, such as informing users whether their personal or financial information may have been compromised." Sen. Blumenthal also sent a letter to SCEA President and CEO Jack Tretton, which can be found after the break.
Sony says PSN 'intrusion' compromised personal info; hopes to have 'some services' back 'within a week'
[PSA for PSN users, from your pals at Joystiq: Before you start reading this informative news post, go change every internet password you've ever had. Done? Okay, read on!] Nearly six days in, and Sony has finally sent out an email to the millions of affected PSN users explaining the prolonged downtime, and elaborating on the security implications of the "external intrusion" of the PlayStation Network. The most important new detail: Sony has determined that there has been "a compromise of personal information" as a result of the attack. The second most important new detail: "We have a clear path to have PlayStation Network and Qriocity systems back online, and expect to restore some services within a week." So, what did the bad guys manage to steal? Uhh ... just about everything, it seems. Here's what's in the definitely jacked column: "name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID." Our takeaway: you'd better start changing passwords if you use the same one frequently. We'll leave the decision on whether or not to pack your bags and move away up to you. In the possibly jacked column: "profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers." That leaves your credit card information, which ... well, we'll let Sony tell you itself: "If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained." Yikes. Sony provides a bunch of links for consumers to keep an eye on their data. Most important is probably the free credit report services. It also cautions PSN users to change their password when the service is back online. Lastly, while they never directly say as much, we're going to suggest making PSN purchases through other retailers instead of directly on Sony's service. Well, when it works again. But after that, stock up on some PSN points cards from anywhere else. Update 5:22pm: While we're working on a more thorough piece about what little old you can do in the face of such overwhelming barbarism, we did want to share some short tips. Our first tip comes to us from friend-of-the-site Robin Yang, who (re)tweets: "To see what card you used w/ PlayStation Network, check your emails from 'DoNotReply@ac.playstation.net.'" Once you've figured out what that card is, call your bank and tell them you think it may have been compromised. That's one part of the security equation. Next up is your password, and it's a little trickier. Giant Bomb's Patrick Klepeck asked Sony if there was any way to learn what password was attached to a PSN account and was told "there is currently no way to determine what password you were/are using on PSN." That means you should probably be changing everything. Then again, if you followed our pre-post recommendation, you've already done that. Update 2 6:02pm: Maybe you live in Europe and, thanks to the cultural and geographic gulf that separates you from North America, you thought your data was safe? Wrong. SCEE has issued a similar notice on the UK PlayStation blog. This is somewhat of a larger logical leap, but if you managed – however briefly! – to pair your Steam account with your now-compromised PSN account last week, you need not worry! A Valve rep told Joystiq, "Nothing to be worried about. Steam has nothing to do with the PSN outage." So stop worrying ... about that one thing. You can continue worrying about the PSN data breach.
PSN Tuesday: ...
Sony rep to Joystiq: "Today's PlayStation Store Update will be rescheduled once service is restored." Choose your platform to view the corresponding release list:
Rumor: 'Rebug' custom firmware enabled 'free' PSN downloads, forced Sony's network shutdown
According to PSX-Scene forum moderator, "chesh," the now six-day-long PlayStation Network outage may be the result of a particularly exploitative custom firmware (CFW) modification for PS3. In a post on Reddit, chesh claims that a CFW known as "Codename: Rebug" had given its users the ability to log into PSN as if they were doing so from a developer console (or "debug unit"). As a result, chesh contends, this same exploit could allow its users to add funds from "dummy" credit card accounts into their PSN wallets, ostensibly giving them the ability to "unlock" (read: steal) certain PlayStation Store content. Joystiq's research into the purported exploit has turned up multiple tutorials detailing the process, which appears alarmingly easy to execute on consoles running the Rebug CFW. The hack does not allow its users to access the credit card or other personal information of PSN users, chesh adds. Nevertheless, as we reported earlier today, Sony is working to rule out information theft as part of its investigation during the maintenance outage in which the company is also implementing new security measures. Sony has not yet responded to our request for comment on this story.
Sony still investigating scope of PSN attack as maintenance outage enters Day 6
As Sony's forced PlayStation Network and Qriocity outages continue, stretching into what is officially Day 6, the company issued a very un-update to would-be users this morning: "Unfortunately, I don't have an update or timeframe to share at this point in time," said corp. comm. director Patrick Seybold on the PlayStation Blog. "As we previously noted, this is a time intensive process and we're working to get them back online quickly." Speaking to PCWorld, SCEJ spokesperson Satoshi Fukuoka clarified that a "thorough investigation" was ongoing into what the company has characterized as an "external intrusion" into its system, which prompted the service suspensions. More troubling than any frustration caused by downtime over this past weekend, however, is the continued uncertainty about the extent of the attack. According to Fukuoka, Sony had yet to determine if users' personal information or credit card numbers had been accessed by the apparent hackers. If that's found to be the case, he assured, Sony would promptly inform those potentially affected. On Saturday, Seybold noted that "additional security" would be put in place before the services relaunch, calling this "re-building" effort both "time-consuming" and "necessary."
PSN outage due to 'external intrusion' [update]
You might have guessed this already, but it's no simple error that's been keeping the PSN down over the last few days, forcing us into productive activities (like writing this) instead of playing multiplayer Spelunker HD. Sony finally came forward on the PlayStation Blog and admitted that "An external intrusion on our system has affected our PlayStation Network and Qriocity services." Sony says it turned off PSN and Qriocity services on Wednesday to investigate this "intrusion" further. If this is the work of "Anonymous" members, they failed to read their own nebulous organization's press release -- Anonymous supposedly backed off from PSN attacks in early April. It's entirely possible, however, the latest hackers are members of no group other than the loose worldwide confederation of jerks. Update: PlayStation Blog has provided another update on the outage, explaining, "we are working around the clock" to bring the PSN back online. The update adds, "Our efforts to resolve this matter involve re-building our system to further strengthen our network infrastructure. Though this task is time-consuming, we decided it was worth the time necessary to provide the system with additional security."
PSN 'down for maintenance' in North America and Europe [update]
Both SCEA and SCEE are acknowledging service outages for the PlayStation Network (as is our own PS3, for that matter -- we just wanted to play Castle Crashers for a few minutes!). Users have been reporting inability to sign in to PSN since yesterday, and a thread on the EU PlayStation site calls out specific issues with Qriocity, PlayStation Store, and account management. On Twitter, Sony said PSN is "down for maintenance." That message board thread will be updated, Sony says, when there's more information on the outages (like when they'll end). Right now it's just one useful post followed by seven pages of complaints, and complaints about complaints. Update: The PlayStation Blog now reports that "it may be a full day or two before we're able to get the service completely back up and running."
