Canadian gamers affected by the hacking of Sony's Playstation Network have been offered compensation worth $1m by the entertainment giant. An email titled “PSN-SOE-Canada Settlement” went out this week to gamers in Canada offering small sops to anyone affected by the outage in 2011. Any Canadian who started an account on the …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

This post has been deleted by its author
1. Friday 19th April 2013 15:44 GMT Ru
  
  Re: £250,000 fine for losing 77 million credit card numbers
  
  Compare and contrast with the $600,000 that this gentleman was fined for a separate incident involving a separate hack where Sony was the main injured party: http://www.theregister.co.uk/2013/04/19/lulzsec_sony_hack_sentencing/
  
  4 0
2. Friday 19th April 2013 15:59 GMT Anonymous Coward
  
  Re: £250,000 fine for losing 77 million credit card numbers
  
  Yeah with fines this low, it only makes good business sense to just continue on regardless... I'm so fed up with puppet politicians designing laws are all pro-business, pro-corporate, and all in the name of pro-jobs, pro-growth, pro-GDP! Jesus, we need some stronger consumer protection and privacy laws. Yean, I know, quit dreaming buddy!
  
  0 0
3. Friday 19th April 2013 16:43 GMT Anonymous Coward
  
  Re: £250,000 fine for losing 77 million credit card numbers
  
  And yet there's not a single verified case of someone's credit card being compromised because of this attack.
  
  Sure there were people claiming that their credit card was fraudulently used after the attack but with that many people there are going to be thousands of fraud incidents every week under normal circumstances with or without the hack.
  
  1 0
4. Friday 19th April 2013 17:00 GMT Anonymous Coward
  
  Re: £250,000 fine for losing 77 million credit card numbers
  
  Problem is of course, back in the REAL world (rather than Microsoft's FUD world), hackers didn't get a single creditcard, they were all stored on a different server and encrypted, all passwords were stored as hashes, and in hindsight, it looks like hackers didn't even get customer details either, as no rise in identity theft was ever experienced.
  
  So all in all, this was nothing but an opportunity for the Sony haters to have a field day and simply fill in the missing bits of information with made up details, which the internet has now cemented as fact.... And unlike the tripe that's been posted here, I'm going to site Sony themselves, with links.
  
  Passwords were hashed:
  
  http://blog.us.playstation.com/2011/05/02/playstation-network-security-update//
  
  " While the passwords that were stored were not “encrypted,” they were transformed using a cryptographic hash function. There is a difference between these two types of security measures which is why we said the passwords had not been encrypted. But I want to be very clear that the passwords were not stored in our database in cleartext form. "
  
  Creditcard details were encrypted and not likely taken.
  
  http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/
  
  "Q: Was my credit card data taken?
  
  A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility."
  
  1 1
  1. Saturday 20th April 2013 08:21 GMT Roo
    
    Re: £250,000 fine for losing 77 million credit card numbers
    
    Just a tip for the Astroturfers out there : defaulting to Anonymous destroys any credibility your postings may have.
    
    "they were transformed using a cryptographic hash function."
    
    Err, that is what people commonly call encryption (rightly or wrongly) with respect to password storage. Even ROT13 would qualify (despite being useless). You may not agree with the terminology but you should perhaps consider this usage before battering your keyboard.
    
    "While the passwords that were stored were not “encrypted,”"
    
    That does indeed seem to be the case.
    
    "Creditcard details were encrypted and not likely taken."
    
    That is a very weak assertion, which is no better than "we don't know - but we hope not". Either details were taken or not. If we don't know for certain then it is reasonable to conclude the security and monitoring were totally inadequate and it would be more prudent to assume the details were stolen.
    
    http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/
    
    ... and the supporting evidence for the assertion comes from an organisation affiliated to Sony that has a vested interest in keeping Playstation customers sweet on Sony.
    
    As far as getting accurate independent evidence of credit card usage happening I very much doubt that the Credit Card companies and law enforcement authorities would publish enough details for you to accurately attribute who got whacked as a result of Sony's poor security. I doubt any such study has taken place.
    
    This is a company that used CDs to distribute root kits on PCs. These same root kits actually impaired the lawful use of CD/DVD drives. Simply failing to secure customer details is relatively tame by Sony's usual standard of customer abuse, so perhaps they have improved on a little, but there is still no sign that they give a shit about their customers beyond taking their cash.
    
    1 2
    1. Saturday 20th April 2013 15:52 GMT Anonymous Coward
      
      Re: £250,000 fine for losing 77 million credit card numbers
      
      "Just a tip for the Astroturfers out there : defaulting to Anonymous destroys any credibility your postings may have."
      
      Whatever you say, "Roo".
      
      1 1
    2. This post has been deleted by its author
    3. Saturday 20th April 2013 20:38 GMT Jamie Jones
      
      Re: £250,000 fine for losing 77 million credit card numbers
      
      ""they were transformed using a cryptographic hash function."
      
      Err, that is what people commonly call encryption (rightly or wrongly) with respect to password storage. Even ROT13 would qualify (despite being useless). "
      
      ROT13 is neither cryptographic or a hash function.
      
      1 0
    4. Tuesday 23rd April 2013 01:22 GMT Anonymous Coward
      
      Re: £250,000 fine for losing 77 million credit card numbers
      
      "Just a tip for the Astroturfers out there : defaulting to Anonymous destroys any credibility your postings may have."
      
      Just a tip for the Roos out there, avoid the roobar. Oh and if you have to wank, don't do it in front of AC horde.
      
      0 0
5. Friday 19th April 2013 23:12 GMT Joseph Lord
  
  Re: £250,000 fine for losing 77 million credit card numbers
  
  There was a failure in security but credit card numbers were encrypted and they lost out big time on sales, PR and addition expense plus the value of games given away and PSN+ credits.
  
  That combined with the fact the fine was for the UK data lost means it isn't unreasonably small. I would prefer the biggest fines saved for sale of data, malicious use etc. rather than cases like this.
  
  0 0
6. Saturday 20th April 2013 21:15 GMT Anonymous Coward
  
  Re: £250,000 fine for losing 77 million credit card numbers
  
  "£250,000 fine for losing 77 million credit card numbers"
  
  No. There aren't that many Canadians. I don't know but I'd suspect that may be more than the number of credit cards in Canada.
  
  0 0
  1. Sunday 21st April 2013 17:39 GMT Richard 12
    
    Re: £250,000 fine for losing 77 million credit card numbers
    
    Most credit cards have 16 numbers on the front, so 77 million numbers would be about 4.8 million cards-worth.
    
    Is that right?
    
    1 0
Friday 19th April 2013 15:34 GMT ecofeco

Petty cash?

More like pocket change.

A dollar per user would have been more appropriate.

Remember, you misappropriate their data and its piracy. They misappropriate yours and it "oopsie".

2 0
Friday 19th April 2013 16:12 GMT Anonymous Coward

Yes, a ridiculously low fine

Even if you consider that the 250K Sterling only covered leakage of PSN's Brit users.....

Slap a real fine on these companies and then they will take data security seriously!

1 0
Sunday 21st April 2013 01:38 GMT pewpie

Mocking gullible customer base.

"a three-month half-price membership of PlayStation Plus"

So let me just get this right.. Sony, as compensation, is offering a half-priced deal on it's subscription-based game rental service.. which is quite useless unless you continue paying to play your games FOREVER.

They must be laughing their rotten, lawyer infested, bottom-line worshipping, creativity-void fucking arses off.

Nuke blast for late supper.

0 0
Sunday 21st April 2013 11:43 GMT Pen-y-gors

A $1.04bn case was brought against Sony...

They're asking for $1.04 BEELYON compensation for being locked out of their games for a few weeks? Living in the world of games seems to have made them totally lose touch with the real world and the true value of money. Next time they go into their corner shop for a pint of milk I hope the owner charges them $18.7 million!

1 0
Monday 22nd April 2013 09:00 GMT Anonymous Coward

Not just £250k.....

Like Marketing Hack says, £250K is the UK ICO fine. This million dollar handout is part of the Canadian settlement. Sony are also under the government cosh in many other jurisdictions. On top of that, there were a reputed 55 class action lawsuits, including that $1.04 billion one. On top of that, the credit card companies will probably sting them for $millions each. Sony's own estimate of total losses (including fines and restitution) just after it happened was that $171million figure. So this stuff will all add up. Google it a bit to verify......

0 0
Monday 22nd April 2013 09:58 GMT Lamont Cranston

So, as compensation for an outage of their online game service,

users are invited to buy 3 more games on their online game service?

I will miss physical media, when it goes.

0 0