Sony Admits It "May Never Know" What Happened in PSN Attack

Sony Admits It "May Never Know" What Happened in PSN Attack

image

Sony Computer Entertainment CEO Kaz Hirai admits that Sony may never know" what hackers actually got their hands on when they breached the PlayStation Network in April.

We all know that the hackers who attacked the PlayStation Network and Sony Online Entertainment in mid-April and forced them offline for more than a month got their hands on private user information. What we don't know is the exact nature of the information that was taken and furthermore, Hirai told the BBC, we may never find out.

"We don't know for a fact that any credit card information was taken, but again, in the abundance of safety, we wanted to make sure that we shared that as a potential possibility," he said. "With regard to the 100 million accounts, we do know that the information was accessed. We don't know, however, what part of the 100 million accounts were actually taken from the servers. It might be 100 million first names, it might be 100 million last four digits of a phone number, it could be the entire account information. We just don't know."

Part of the challenge facing Sony is that the hackers involved in the attack "were very good at hiding their tracks as they left our system," he continued. "We may not know [what they took] for a very long time. We may never know."

It's a bit of a jarring admission, coming as it does from one of the big dogs at Sony, but also rather refreshingly frank. I can't help but think that the company could have avoided a lot of negative publicity over the PSN outage if it had just taken such an open and honest approach right from the get-go.

Permalink

Well... thats.... honest. And kinda scary. So the hackers could have gained control of the entire of existence in the PSN breach?

Just a heads up, in the bolded part of the article there are no opening quotes but there are closing quotes.

OT:Well that's... frank. Hoping that the external investigators will bear fruit, but I'm not keeping my hopes up about that.

It's sad that a corporation as big as Sony can't even do basic security audits to see outbound data transfers. To me, that says even the lowest privilaged users had access to the system.

Sony is so full of shit. Why I got an Ericsson Xperia phone is beyond me. I think I'll be returning it for a Motorola Atrix. I know the phone isn't hooked up to the Sony network, but I don't want to support a company that has such shitty business practices.

the bad news: "we may never know"

the good news: we're actually being honest this time

Sucks about what happened but it's nice to see a change of face from Sony

I don't get the 'At least Sony is being honest' statements.

They came out and said 'Your PSN account information may have been stolen.' when it happened.

Now they're specifying that the hackers may have gotten everything, but they could have just gotten only part of a name or some such thing and no important information might have been leaked at all.

Anyway, seething hatred of Sony unrelated to the topic inbound in 3...2...1...

They never claimed they could, they hired investigators. Last I checked, that means you're looking. But, there is no conceivable way they could know what was and was not taken. There never was.

Im sorry, but arent these the people who said nothing was stolen in the first place?

Now that the story broke, they decide to tell us the whole truth? Thats kinda fucked up, if you ask me. BUT, lets get back to the facts. They have no idea what all was stolen.

Well, if I had to guess, phone numbers, Email Addresses, personal information, Sony secrets, infrastructure information, payroll info, secrets for future projects, etc. While I can see certain ones being held onto, they shot themselves in the foot with this one. They should not have been holding onto information like that, when most of it could have either been stored locally, on the systems hard drive, or at the very least could have been deleted when the data was no longer needed.

Its fairly easy to have the hard-drive remember the Credit card information, send it off to Sony, have Sony varify it, than destroy it. The problem with that is it then shoots them in the foot, because they can no longer automatically charge you for subscription services - thats all on you. And lots of companys make money off of people who forget to turn off their $5 a month services they might not be using.

Its no bodys fault but your own Sony. Hope you get you ass hit with a Class Action lawsuit. If elementary hackers can hack into you weekly, for shiggles or just because they can, and you cant keep our information safe, thats on you.

Kopikatsu:
I don't get the 'At least Sony is being honest' statements.

They came out and said 'Your PSN account information may have been stolen.' when it happened.

Now they're specifying that the hackers may have gotten everything, but they could have just gotten only part of a name or some such thing and no important information might have been leaked at all.

Anyway, seething hatred of Sony unrelated to the topic inbound in 3...2...1...

It was all the flip-flopping.

First the absolutely got our personal data. Then they maybe got our credit card data. Then they absolutely did not get our credit card data. Then maybe they did get our credit card data again. Then maybe they didn't get our personal data. I almost made a timeline graphic to keep track of all the times they changed their statement about what was or wasn't stolen. So hell yeah, at least Sony is being honest now. What do you expect people to say after their initial poor handling of information regarding the incident?

Just coming out and saying "We got hacked, and we have no honest idea what was taken from us." when they first announced the hack would have been way better than the "new story every day" nonsense we got from in late April and early May.

Every time I see his name images of Peace Walker immediately come to mind. So I can only see the Sony CEO as a womanizing soldier who likes his booze, but is still pretty awesome and helps everyone in his group level up faster.

OT: Well, time to start the vigilante hunt. Who is with me?

Oh, so it wasn't Anonymous like you previously claimed? You were just making crap up to throw off some of the ire and discredit a group which had problems with your shoddy litigation tactics?

Color me shocked.

Frostbite3789:
OT: Well, time to start the vigilante hunt. Who is with me?

I'll get the torches! I always get the torches!

OT: Surprise, surprise. Honesty is an important part of any relationship. Sony doesn't think its in a relationship with its customers apparently.

You know, I don't indulge in memes often. And when I do, I do not do it on the Escapist, where intelligent discussion is enforced, through means I admire greatly, mostly because I have never been personally harmed by them.

But there is only one possible response to this:

Fucking hackers, how do they work?

Uber Waddles:
Im sorry, but arent these the people who said nothing was stolen in the first place?

True, but at least they're being honest this time.
On the other hand, being honest won't help the people who lost a lot of money, so...yeah.
(although, I think I heard that Sony was going to replace the lost money.)

Anyways: I'm still glad that I didn't use a credit card on PSN!

To paraphrase Jim Varney's carny grifter character from that one Simpson's episode:

Son: That anonymous fella hacked you good, dad.
Carny: Well, there's no shame in being beaten by the best.
Son: But, he didn't seem . . .
Carny: (angrily) We were beaten by the best, boy.

Oh those short-sighted, oblivious Nipon yesmen...

They've pretty much said this from the get go. YOu repeatedly reported them saying this and every time ended it with a comment along the lines "isn't it scummy how Sony haven't told us our credit card information has been stolen". I'm pretty sure, despite what everyone keeps calling for, the second you realise your system has been compromised, the correct reponse isn't to tell people all their stuff has been stolen, if you don't actually know that.

All that's happened is that Sony has continually told us about their varying states of lack of knowledge and despite all this, were brave enough to instantly pull down a service with millions and millions of people use, on the off chance some serious did happen.

 

Reply to Thread

Log in or Register to Comment
Have an account? Login below:
With Facebook:Login With Facebook
or
Username:  
Password:  
  
Not registered? To sign up for an account with The Escapist:
Register With Facebook
Register With Facebook
or
Register for a free account here