Digital Video Forums  

Go Back   Digital Video Forums > General > Latest News

Reply
 
LinkBack Thread Tools Search this Thread Rate Thread Display Modes
Old 30 Apr 2011, 02:33 PM   #1
Administrator
 
admin's Avatar
 
Join Date: Nov 2001
Posts: 8,628
Default PSN Hacker Attempts To Sell Stolen Data, Including Credit Card Numbers

Sony has tried to calm users by explaining that their PSN credit card info was encrypted, but it appears that this was no deterrent for the industrious hacker that hacked the network.

The hackers have now tried to sell the stolen data on online black market forums, and they say they have everyone's credit card numbers, including the CVV number that Sony says they did not even store.

The attackers also claim that they tried to sell the info back to Sony, but Sony refused to buy it back.

So it seems someone is telling the truth, someone else is not, or could both parties be telling the truth?

For the first claim made by the hackers, that they now have un-encrypted credit card numbers available for sale, this does not actually contradicts anything Sony have said so far. Sony says the credit card numbers are encrypted, which is standard industry practice. However, for Sony to use the numbers, they need to be able to decrypt them, and if the hackers have gotten deep enough into the PSN system, to observe the decryption sequence or to even use the system itself to decrypt the numbers before downloading them, then encryption is actually useless. And even if the hackers managed to only pull the encrypted data off the network, they could still have decrypted it themselves, if the encryption algorithm wasn't strong enough.

As for the second claim, that the hackers have the CVV numbers as well, this gets a little bit trickier. Under the industry standard PCI-DSS data security guidelines, CVV numbers cannot be stored, not even in encrypted form. But if the hackers have these numbers as they claim, then either Sony did not properly follow the PCI-DSS guidelines, which could get them into big trouble, or the hackers found some other way to intercept the numbers.

And as for Sony not buying back the data? Only Sony knows whether this has happened or not, and if they were offered the chance to re-secure user data, why they didn't feel the need to take up the hacker's offer.
__________________
Visit Digital Digest and dvdloc8.com, My Blog
admin is offline   Reply With Quote
Reply

Bookmarks


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
PSN Hack: Hacker Accesses Personal Information, Credit Card Details Possibly Stolen admin Latest News 1 27 Apr 2011 11:45 AM
Group Attempts To DRM TV In The UK admin Latest News 0 16 Sep 2009 09:25 PM
Xbox and hookers on dads credit card atifsh Off Topic 5 19 May 2008 01:46 AM
WMP 6.4, stop download attempts thekief4 Other File Formats 8 8 Apr 2002 04:13 PM



All times are GMT +10. The time now is 03:08 AM.

Kirsch designed by Andrew & Austin


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Copyright © 1999 - 2018 Digital Digest

Visit DivXLand   Visit dvdloc8.com