Feeds

back to article Shut the CANUCK up! Sony offers $1m to hacked gamers

Canadian gamers affected by the hacking of Sony's Playstation Network have been offered compensation worth $1m by the entertainment giant. An email titled “PSN-SOE-Canada Settlement” went out this week to gamers in Canada offering small sops to anyone affected by the outage in 2011. Any Canadian who started an account on the …

COMMENTS

This topic is closed for new posts.

This post has been deleted by its author

Ru

Re: £250,000 fine for losing 77 million credit card numbers

Compare and contrast with the $600,000 that this gentleman was fined for a separate incident involving a separate hack where Sony was the main injured party: http://www.theregister.co.uk/2013/04/19/lulzsec_sony_hack_sentencing/

4
0
Anonymous Coward

Re: £250,000 fine for losing 77 million credit card numbers

Yeah with fines this low, it only makes good business sense to just continue on regardless... I'm so fed up with puppet politicians designing laws are all pro-business, pro-corporate, and all in the name of pro-jobs, pro-growth, pro-GDP! Jesus, we need some stronger consumer protection and privacy laws. Yean, I know, quit dreaming buddy!

0
0
Anonymous Coward

Re: £250,000 fine for losing 77 million credit card numbers

And yet there's not a single verified case of someone's credit card being compromised because of this attack.

Sure there were people claiming that their credit card was fraudulently used after the attack but with that many people there are going to be thousands of fraud incidents every week under normal circumstances with or without the hack.

1
0
Anonymous Coward

Re: £250,000 fine for losing 77 million credit card numbers

Problem is of course, back in the REAL world (rather than Microsoft's FUD world), hackers didn't get a single creditcard, they were all stored on a different server and encrypted, all passwords were stored as hashes, and in hindsight, it looks like hackers didn't even get customer details either, as no rise in identity theft was ever experienced.

So all in all, this was nothing but an opportunity for the Sony haters to have a field day and simply fill in the missing bits of information with made up details, which the internet has now cemented as fact.... And unlike the tripe that's been posted here, I'm going to site Sony themselves, with links.

Passwords were hashed:

http://blog.us.playstation.com/2011/05/02/playstation-network-security-update//

" While the passwords that were stored were not “encrypted,” they were transformed using a cryptographic hash function. There is a difference between these two types of security measures which is why we said the passwords had not been encrypted. But I want to be very clear that the passwords were not stored in our database in cleartext form. "

Creditcard details were encrypted and not likely taken.

http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/

"Q: Was my credit card data taken?

A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility."

1
1

Re: £250,000 fine for losing 77 million credit card numbers

There was a failure in security but credit card numbers were encrypted and they lost out big time on sales, PR and addition expense plus the value of games given away and PSN+ credits.

That combined with the fact the fine was for the UK data lost means it isn't unreasonably small. I would prefer the biggest fines saved for sale of data, malicious use etc. rather than cases like this.

0
0
Roo
Bronze badge
WTF?

Re: £250,000 fine for losing 77 million credit card numbers

Just a tip for the Astroturfers out there : defaulting to Anonymous destroys any credibility your postings may have.

"they were transformed using a cryptographic hash function."

Err, that is what people commonly call encryption (rightly or wrongly) with respect to password storage. Even ROT13 would qualify (despite being useless). You may not agree with the terminology but you should perhaps consider this usage before battering your keyboard.

"While the passwords that were stored were not “encrypted,”"

That does indeed seem to be the case.

"Creditcard details were encrypted and not likely taken."

That is a very weak assertion, which is no better than "we don't know - but we hope not". Either details were taken or not. If we don't know for certain then it is reasonable to conclude the security and monitoring were totally inadequate and it would be more prudent to assume the details were stolen.

http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/

... and the supporting evidence for the assertion comes from an organisation affiliated to Sony that has a vested interest in keeping Playstation customers sweet on Sony.

As far as getting accurate independent evidence of credit card usage happening I very much doubt that the Credit Card companies and law enforcement authorities would publish enough details for you to accurately attribute who got whacked as a result of Sony's poor security. I doubt any such study has taken place.

This is a company that used CDs to distribute root kits on PCs. These same root kits actually impaired the lawful use of CD/DVD drives. Simply failing to secure customer details is relatively tame by Sony's usual standard of customer abuse, so perhaps they have improved on a little, but there is still no sign that they give a shit about their customers beyond taking their cash.

1
2
Anonymous Coward

Re: £250,000 fine for losing 77 million credit card numbers

"Just a tip for the Astroturfers out there : defaulting to Anonymous destroys any credibility your postings may have."

Whatever you say, "Roo".

1
1

This post has been deleted by its author

Silver badge
FAIL

Re: £250,000 fine for losing 77 million credit card numbers

""they were transformed using a cryptographic hash function."

Err, that is what people commonly call encryption (rightly or wrongly) with respect to password storage. Even ROT13 would qualify (despite being useless). "

ROT13 is neither cryptographic or a hash function.

1
0
Anonymous Coward

Re: £250,000 fine for losing 77 million credit card numbers

"£250,000 fine for losing 77 million credit card numbers"

No. There aren't that many Canadians. I don't know but I'd suspect that may be more than the number of credit cards in Canada.

0
0
Silver badge
Joke

Re: £250,000 fine for losing 77 million credit card numbers

Most credit cards have 16 numbers on the front, so 77 million numbers would be about 4.8 million cards-worth.

Is that right?

1
0
Anonymous Coward

Re: £250,000 fine for losing 77 million credit card numbers

"Just a tip for the Astroturfers out there : defaulting to Anonymous destroys any credibility your postings may have."

Just a tip for the Roos out there, avoid the roobar. Oh and if you have to wank, don't do it in front of AC horde.

0
0
Silver badge
Facepalm

Petty cash?

More like pocket change.

A dollar per user would have been more appropriate.

Remember, you misappropriate their data and its piracy. They misappropriate yours and it "oopsie".

2
0
Silver badge
Facepalm

Yes, a ridiculously low fine

Even if you consider that the 250K Sterling only covered leakage of PSN's Brit users.....

Slap a real fine on these companies and then they will take data security seriously!

1
0
Mushroom

Mocking gullible customer base.

"a three-month half-price membership of PlayStation Plus"

So let me just get this right.. Sony, as compensation, is offering a half-priced deal on it's subscription-based game rental service.. which is quite useless unless you continue paying to play your games FOREVER.

They must be laughing their rotten, lawyer infested, bottom-line worshipping, creativity-void fucking arses off.

Nuke blast for late supper.

0
0
Silver badge

A $1.04bn case was brought against Sony...

They're asking for $1.04 BEELYON compensation for being locked out of their games for a few weeks? Living in the world of games seems to have made them totally lose touch with the real world and the true value of money. Next time they go into their corner shop for a pint of milk I hope the owner charges them $18.7 million!

1
0
Anonymous Coward

Not just £250k.....

Like Marketing Hack says, £250K is the UK ICO fine. This million dollar handout is part of the Canadian settlement. Sony are also under the government cosh in many other jurisdictions. On top of that, there were a reputed 55 class action lawsuits, including that $1.04 billion one. On top of that, the credit card companies will probably sting them for $millions each. Sony's own estimate of total losses (including fines and restitution) just after it happened was that $171million figure. So this stuff will all add up. Google it a bit to verify......

0
0
Silver badge
Thumb Down

So, as compensation for an outage of their online game service,

users are invited to buy 3 more games on their online game service?

I will miss physical media, when it goes.

0
0
This topic is closed for new posts.