04-27-2011, 09:02 PM
|
#41
|
|
Redundant Minister of Redundancy
Join Date: Apr 2004
Location: Montreal
|
Quote:
Originally Posted by LockedOut
Hard to come to the conclusion these fraud actions were a result of the hacking of PSN. It could easily be something else. Fraud happens all the time and there were 77 million PSN accounts. Easily a coincidence. (ie. don't panic)
|
That is of course possible. But are you willing to bet your credit card on it?
|
|
|
|
The Following User Says Thank You to BlackEleven For This Useful Post:
|
|
|
04-27-2011, 09:13 PM
|
#42
|
|
First Line Centre
Join Date: Nov 2006
Location: Calgary
|
Quote:
Originally Posted by 3 Justin 3
Boy do I hope they find the hackers. Because they won't just get sued but totally ass-fataed back to the 1500's.
|
Fat chance. Did you know the chances of a hacker getting caught and prosecuted are slightly lower than winning the lottery? No, seriously.
Sony not only screwed up in allowing the hack to happen, but their handling of the entire situation is alarming to say the least.
|
|
|
|
|
04-27-2011, 10:36 PM
|
#43
|
|
Scoring Winger
Join Date: Nov 2003
Location: Oregon
|
Well, this isn't the first time my CC has been compromised and its not the last either. Guess I need to call my bank. Although I can't say I'm all up in arms about this.....
|
|
|
|
|
04-27-2011, 11:10 PM
|
#44
|
|
Franchise Player
|
I had a temporary hold placed on my CC. While the customer service rep was doing this we discussed the finer points of fraudulent card use. In my card's case, the zero liability was only in effect if my PS account did not have the same password/pin as my online banking. Found that quite interesting.
While I was requesting a new number for my other card, I was told by a customer rep supervisor that they weren't concerned about my number being used fraudulently as Sony hasn't confirmed CC info was accessed. I mentioned the ars technica article that BlackEleven had posted. I realize that the chances may be slim that my card number gets used based on the number of cards that would have been accessed, and the ars technica article may have been based on coincidence. The fraudulent use could have come from maintaining the same username/password for banking and PSN which I wouldn't think is an issue for most. Don't really care. It's not worth the hassle to have an all-expense paid trip to Costa Rica that I'm not on show up on my card. Even if I'm not liable, I still have to cover the payment and interest until the dispute is settled and the funds are rebated.
Not sure if the Canadian numbers for Equifax and TransUnion are the same as the US ones given in Sony's email, but here's the websites.
Equifax
TransUnion
I've found getting a credit check online is much easier than trying to do it over the phone. Just a heads up. If you're going for a credit check, make sure you have access to bank statements, all your CC info, loan info, previous addresses. As much financial history as you have, as the questions to get it are usually extensive (last time they asked me for a PO box I had for a short amount of time over 15 years ago.)
Both services offer credit reporting (they contact you if something is amiss, instead of you checking your credit every so often). Equifax offers insurance for identity theft, if you're into that sort of thing. I found that TD Meloche Monnex does as well, so I would assume other car/home insurance companies also do.
I plan on doing some research on 1password that FanIn80 mentioned. I also found this option:
IronKey
My biggest disappointment in this whole situation is the fact that Sony had the information on their blog almost two full days before emailing users. They manage to email me offers and upcoming games weeks before they're out, but this they manage to delay.
Maybe I'm being overly paranoid, but hopefully some other PSN users can find something useful in my ramblings 
--- Update from the Playstation blog ---
Quote:
Q: Was my personal data encrypted?
A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.
|
Last edited by DownhillGoat; 04-27-2011 at 11:26 PM.
|
|
|
|
|
04-28-2011, 08:20 AM
|
#45
|
|
Redundant Minister of Redundancy
Join Date: Apr 2004
Location: Montreal
|
I called my CC company as well and they cancelled my card immediately on the spot. They also suggested using TransUnion or Equifax in case of identity theft. Any idea what those services cost and how effective they are?
I also changed a few of my online passwords. I didn't reuse the PSN password anywhere, but it's something that should be done from time to time anyway, and I figured now was as good of a time as any.
This is turning out to be a much bigger pain than I expected.
What really bugs me about the whole situation is that a company that has gone to such great lengths to "protect" their own data -- root kits, lawsuits and closed proprietary standards -- can be so cavalier with their customer's data. Sony should have the resources and the know how to prevent this sort of thing. Of course, I realize I'm talking about the same company that authored this gem:
#define rand() 4
|
|
|
|
|
04-28-2011, 08:39 AM
|
#46
|
|
Franchise Player
|
Quote:
Originally Posted by BlackEleven
They also suggested using TransUnion or Equifax in case of identity theft. Any idea what those services cost and how effective they are?
|
Equifax site lists the Credit Watch service at $15 a month. Single Credit Report is $20, and Credit Score is $25. From my experience the basic credit report is enough to detect fraud. Although as I pointed out in my previous post, you'll only detect it when you get a credit report, whatever the frequency may be. With the Credit Watch, Equifax will alert you of suspicious activity.
I've found the information to be fairly accurate (I've had one inaccuracy in the last 10 years of checking these periodically) which makes it effective if someone's created a new card/loan/whatever under your name.
|
|
|
|
|
04-28-2011, 08:55 AM
|
#47
|
|
Dances with Wolves
Join Date: Jun 2006
Location: Section 304
|
Quote:
Originally Posted by kunkstyle
Variations of it or a few things. Nothing overly sensitive. Mostly forums, etc.
Figured since I was changing some I may as well change anything that is associated with my PSN email while I was at it. Like you said, it's not a bad idea to change passwords now and then anyways.
Thanks for the 1password suggestion. I'll take a look at it. Are there any options to make it portable (ie on an encrypted USB stick) so a guy can use it at work, etc? Or is it only for use on your main computer?
|
Not only is the answer yes, but I'd say 1Password doesn't reach full potential until you use it on your mobile devices as well. It's available for both iOS devices and adroid devices.
As Fanin80 mentioned, you can have your passwords sync via dropbox, so when I sign up for a website and save the password, it's immediately available to me on my iPhone and iPad.
I saw an interesting video on hacking last month by a hacker who had his laptop stolen. It was actually a pretty funny clip... the guy ended up installing a keylogger on his computer and was able to record the keystrokes of the guy who stole his computer. He had several lessons at the end of the talk and one was that by using something like 1Password you aren't typing in passwords, which makes it difficult for keyloggers to get access to those.
One thing that has always interested me about online credit card fear: I bet very few people who are freaked out about this have much trouble with handing their credit card over to a server at a restaurant. I knew a guy who worked as a safeway cashier who could memorize your CC# and all he had to do was pretend to be looking at the name and signature.
|
|
|
|
|
The Following User Says Thank You to Russic For This Useful Post:
|
|
|
04-28-2011, 09:06 AM
|
#49
|
|
Franchise Player
|
Quote:
Originally Posted by Russic
One thing that has always interested me about online credit card fear: I bet very few people who are freaked out about this have much trouble with handing their credit card over to a server at a restaurant.
|
That always makes me chuckle. My mom hates using her credit card online, and only even started to after I pointed out she has no problems giving her card to the 16 year old kid at the full service station while she waits in the car. Worst part of that is your CSV number is on the back of the card.
|
|
|
|
|
04-28-2011, 09:12 AM
|
#50
|
|
Franchise Player
Join Date: Feb 2006
Location: Calgary
|
I love how some posters on gaming messages boards are comparing Sony to BP. One was one of the biggest ecological disasters in history. The other requires most people to spend 10 minutes changing passwords, and won't let people play games on-line for about a week. Yah, that's really comparable...
|
|
|
|
|
04-28-2011, 09:22 AM
|
#51
|
|
Franchise Player
|
Quote:
Originally Posted by Russic
As Fanin80 mentioned, you can have your passwords sync via dropbox, so when I sign up for a website and save the password, it's immediately available to me on my iPhone and iPad.
|
So how does that work exactly? Do you copy and paste your passwords then or...?
|
|
|
|
|
04-28-2011, 09:34 AM
|
#52
|
|
Dances with Wolves
Join Date: Jun 2006
Location: Section 304
|
Quote:
Originally Posted by Burninator
So how does that work exactly? Do you copy and paste your passwords then or...?
|
1Password pulls everything from one heavily encrypted master file. You can have it on your system and sync manually via wifi, or you can put the master file in your dropbox. If it's in there the changes just get pushed out to all your devices.
Edit: Or are you asking how that is used on a mobile device? Just in case you are:
You can log into the app, select your login and either view your username/password combo or you can click a link and it will launch the page within the app and populate all the necessary fields. Feels just like mobile safari, but it's 1passwords browser.
Last edited by Russic; 04-28-2011 at 09:39 AM.
|
|
|
|
|
The Following 2 Users Say Thank You to Russic For This Useful Post:
|
|
|
04-28-2011, 02:52 PM
|
#53
|
|
#1 Goaltender
|
Quote:
Originally Posted by Russic
He had several lessons at the end of the talk and one was that by using something like 1Password you aren't typing in passwords, which makes it difficult for keyloggers to get access to those.
|
Lol... If I have enough privileges on your system to install a keylogger, I have enough to inspect the Windows message queues and debug processes....I don't think 1Password and its ilk is anywhere near as secure as people make it out to be.
I think it's probably great at managing passwords, but I really 100% believe it adds very little to the overall security of doing online transactions the way things are today.
__________________
-Scott
|
|
|
|
|
04-28-2011, 03:28 PM
|
#54
|
|
NOT a cool kid
Join Date: Sep 2009
Location: Calgary
|
Side note on the credit report is that every single time you pull it, it lowers your credit score. It is actually viewed as a red flag if you get it pulled even a couple times a year.
Having it happen once is not a big deal. but I would not be doing it too often.
|
|
|
|
|
04-28-2011, 04:52 PM
|
#55
|
|
CP Gamemaster
Join Date: Feb 2010
Location: The Gary
|
Quote:
Originally Posted by J-bo09
Side note on the credit report is that every single time you pull it, it lowers your credit score. It is actually viewed as a red flag if you get it pulled even a couple times a year.
Having it happen once is not a big deal. but I would not be doing it too often.
|
I'm assuming the people with Credit Watch aren't paying $15 a month to lower their credit score though, correct?
|
|
|
|
|
04-28-2011, 05:21 PM
|
#56
|
|
First Line Centre
Join Date: Sep 2009
Location: Calgary, Alberta
|
Quote:
Originally Posted by J-bo09
Side note on the credit report is that every single time you pull it, it lowers your credit score. It is actually viewed as a red flag if you get it pulled even a couple times a year.
Having it happen once is not a big deal. but I would not be doing it too often.
|
Soft hits vs Hard hits are completely different on how they effect your credit score.
A creditor checking your score (credit card app or similar) effect score. A soft hit (job interview check, self check) do not.
|
|
|
|
|
04-28-2011, 10:17 PM
|
#57
|
|
Dances with Wolves
Join Date: Jun 2006
Location: Section 304
|
Quote:
Originally Posted by sclitheroe
Lol... If I have enough privileges on your system to install a keylogger, I have enough to inspect the Windows message queues and debug processes....I don't think 1Password and its ilk is anywhere near as secure as people make it out to be.
I think it's probably great at managing passwords, but I really 100% believe it adds very little to the overall security of doing online transactions the way things are today.
|
I'd say it definitely contributes to smarter password management, and that in itself is worth the price of admission IMO. The fact that I have about 50 passwords and not a one is less than 10 characters or a duplicate is a huge advantage to safety.
True my keylogger example wasn't the strongest, I just thought it was a unique perspective from a type of person I'd never though of.
|
|
|
|
|
04-29-2011, 07:20 AM
|
#59
|
|
First Line Centre
|
Quote:
Originally Posted by Hack&Lube
|
That links goes to a rumour, and it's been announced that credit card information was encrypted.
|
|
|
|
|
04-29-2011, 08:22 AM
|
#60
|
|
Scoring Winger
|
I don't know much about encryption..... even if the credit information was encrypted, these guys seem to be really good at what they do, couldn't they easily break the encryption if they had that information?
|
|
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
All times are GMT -6. The time now is 02:47 AM.
|
|
