Sony PlayStation Network users report fraud on their credit cards – any flight booked a Germany for their purchases in Japanese grocery stores.
On Thursday, a reported security firm hackers are offering for sale, what they claim are stolen details of credit card NHP, despite the fact that Sony is adamant that the data has been encrypted and therefore unusable. Sony also said there was "no evidence that credit card data has been taken."
During this time, Congress got involved, with the House energy and Commerce Committee send a list of questions to the President of Sony Kazuo Hirai (PDF link to the letter) and requiring responses by May 6. In addition, the NextGov Web site claims the Homeland Security Department helps Sony with its investigation.
It is difficult to argue that credit card fraud is nothing other than a simple coincidence. NHP boasts 77 million users around the world and are not all will be recorded details of the map on the free service. However, to give an idea of the scale, 77 million people is more than the population of the France and the Belgium combined, or one quarter of the population of the United States.
In other words, a large percentage of the PSN users are likely to be hit by fraud each day through unrelated causes, and it is easy to pin the blame on Sony.
Although it is said that the details of map only 2.2 million are for sale, there is no indication that the 77 million users would be affected. Therefore the any PSN user who has submitted the details of the credit card feels probably shortly after.
A user with a credit card is only used for transactions of NHPS could provide a more rigorous proof, and Ars Technica claims to have found such an individual. One of its readers is an American Express card "found in a drawer in my house in case of emergency", but he has used to register for NHPS. He was compromised last weekend, the claims, although reader, in this case American Express detected fraudulent transactions.
The big question is whether if the pirates did not decipher credit card details. If they had full access to the software that runs NHP, then it is possible that they could use the same mechanism is typically used to decrypt the details of the map. Alternatively, encryption can be low and easily cracked.
The second major question relates to the question of whether the hackers have very important CVV code needs to make transactions on the Internet. Sony to so-called first in its FAQ that it requests the codes never but since amended answer to say that he is not seeking the codes but they are not stored in their database.
However, we don't know yet how long the hackers had control of the network. It is possible that they could have eavesdropped on transactions, while the network was operating and assembled for the occasion the CVS codes and even credit card details themselves. Which could explain why only a small number of credit card details is offered for sale.
In any event, each PSN user must contact their credit card company to ask what to do, with the best plan is to request a new card.
No comments:
Post a Comment