# PSN Database containing 2.2mil Credit Cards now up for sale



## DarkCrudus (Apr 28, 2011)

QUOTE said:
			
		

> So was the "credit card" table really encrypted?
> 
> Rumors are following thru various underground "credit card" trading forums, and on the new #psnhack twitter list that a large section of the PSN database containing complete personal details along with over 2.2million working credit card numbers with the much-needed CVV2 code are being offer up for sale to the highest-bidder, after the "hackers" tried to sell the DB back to Sony for a price, but they of course didn't answer!
> 
> ...



Source PSX


----------



## Nujui (Apr 28, 2011)

Oh wow.....

Now that's really bad.


----------



## Schlupi (Apr 28, 2011)

ARE YOU FUCKING KIDDING ME?

Wow. Thanks Sony.


----------



## Assax (Apr 28, 2011)

Regarding that the screenshots on the source's page are from invitation only marketplaces (you can actually find out what page it is on one of the pictures, i wont mention it here)
this might be bothersome news.

However I'm also not considering Sony dumb enough to lie about the CC information being encrypted on their severs and safe.
Probably someone is trying to make money by selling fake information because everyone who cares about the files is looking for this at the moment.

I also think it was a good move by Sony not to buy them as the seller might easily make copies of it so it really makes no sense in buying the information.

Let's hope this news is fake else Sony is in some deep shit now.


----------



## DrOctapu (Apr 28, 2011)

Not sure if I'm buying it. If it's true, though, we're fucked and Sony's going down.


----------



## Raikiri (Apr 28, 2011)

hmmm getting closer and closer to get my CC blocked... *sighs* poor sony


----------



## SifJar (Apr 28, 2011)

Oh dear, that's bad. I sincerely hope this is somehow fake. I know I'll be keeping a close eye on my bank account.


----------



## Slyakin (Apr 28, 2011)

Oh man... Oh fucking god.

FUCK FUCK FUCK. Why the hell would this prick do this? I don't even want to look at Sony anymore.


----------



## Hydreigon (Apr 28, 2011)

Nice one, Sony. Thanks for keeping everyone's CC info unencrypted.
/facepalm


----------



## loco365 (Apr 28, 2011)

Hydreigon said:
			
		

> Nice one, Sony. Thanks for keeping everyone's CC info unencrypted.
> /facepalm


This. So totally this.

Now I'm glad I jailbroke my PSP. Serves them right. And screw my PSN account, I'm not touching it anymore.


----------



## Tonitonichopchop (Apr 28, 2011)

Shit just got real 
	

	
	
		
		

		
		
	


	




I sincerely hope for the sake of those 2.2 million people this is fake.


----------



## Pyrmon (Apr 28, 2011)

And THAT's why I never use an actual credit card to buy stuff online.


----------



## SamAsh07 (Apr 28, 2011)

Why don't you Credit Card owners take your cash from Bank and close the account?? Is it that difficult??


----------



## Pyrmon (Apr 28, 2011)

SamAsh07 said:
			
		

> Why don't you Credit Card owners take your cash from Bank and close the account?? Is it that difficult??


You don't seem to know how credit cards work, now do you?


----------



## Foxi4 (Apr 28, 2011)

It was me. I have the database. It was in .txt format. Give me your monnies and I will give you the .txt.

Nao.






This is the level of seriousness this news post shows.

Besides, you *willingly* inputted your Credit Card information into the system. You handed over information you're not supposed to hand over to anyone, review your banking statement if you don't recall ever reading it. You agreed to Sony's EULA regarding PSN. They owe you nothing, nobody can assure a system will be 100% hack-proof. They had some security measures, they believed they were enough to keep data unencrypted for convinience sake and they were wrong. Tough luck and bullocks, doesn't change the fact that you shouldn't keep your *real* adress, name, surname and first and foremost CC information on any account ever - you could've bought PSN points instead, but NOOOO. Be the lazy bastard, bend over and scream "dear hackers, please, [censored] me here" while pointing at your behind.


----------



## CarbonX13 (Apr 28, 2011)

Well, that's just convenient now isn't it? Great work, Sony.


----------



## SamAsh07 (Apr 28, 2011)

pyrmon24 said:
			
		

> SamAsh07 said:
> 
> 
> 
> ...


Yeah I don't, you just keep buying on credit and pay money later. There must be some way then, right?


----------



## Deleted User (Apr 28, 2011)

Oh fucking hell. So so screwed. Thanks Sony


----------



## Pyrmon (Apr 28, 2011)

SamAsh07 said:
			
		

> pyrmon24 said:
> 
> 
> 
> ...


If someone uses your credit card, they can buy anything because you got unlimited credit(most of the time it's capped though). Then you need to pay later. It's not your cash. Get why you can't take all the cash off your account now? The only thing you can do is call the bank and tell them to freeze the card. But then you don't have it. That's why it's troublesome.


----------



## Sheimi (Apr 28, 2011)

Holy fucking shit. Oh wow, thats a lot O_O

Fuck you Sony


----------



## Schlupi (Apr 28, 2011)

Another World said:
			
		

> its funny how the irc "conversation" advertises the channel twice. is this real?
> 
> -another world



I noticed that too. 
	

	
	
		
		

		
			





I wouldn't call fake until Mathiuel (spelling error I don't care) confirms or not.

Unless he is just in this for the lulz/advertising. >_>


----------



## SamAsh07 (Apr 28, 2011)

pyrmon24 said:
			
		

> SamAsh07 said:
> 
> 
> 
> ...


Ah I see, thanks for the intel. Good thing I never liked having a Credit Card.


----------



## Bladexdsl (Apr 28, 2011)

2.2m cc numbers are gonna be changed/canceled in the next month 
	

	
	
		
		

		
		
	


	




and seriously this is the biggest fuck up in gaming history way to go sony their finished they won't be back next gen!!!


----------



## syko5150 (Apr 28, 2011)

Bladexdsl said:
			
		

> 2.2m cc numbers are gonna be changed/canceled in the next month


i already canceled ALL of my credit cards and had my debit card replaced just in case i don't remember which card I used for PSN.


----------



## Foxi4 (Apr 28, 2011)

Perhaps that'll teach you to read banking statements. Offering someone all your lively posessions and the entire credit capacity you have as a person is generally not advised, especially when that "someone" is by no means obliged to keep that information safe. Besides, it's nothing that can't be fixed by *1* call to your bank. Oh dear, what an inconvenience.


----------



## skystealer (Apr 28, 2011)

Good job, Sony.


----------



## WiiUBricker (Apr 28, 2011)

The internet never fails to amuse me.


----------



## Bladexdsl (Apr 28, 2011)

it only does fuck up your bank!


----------



## ShadowSoldier (Apr 28, 2011)

If this is true...

Sony, you dun goofed.


----------



## Lily (Apr 28, 2011)

DarkCrudus said:
			
		

> complete personal details along with over 2.2million working credit card numbers with the much-needed CVV2 code are being offer up for sale to the highest-bidder
> 
> They could not have the CVV2 codes. Sony doesn't even ask for them, let alone store them. Nice try though!
> 
> SonyIf you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising that your credit card number (excluding security code) and expiration date may also have been obtained."



..but you'd already know that if you used a CC on PSN, because you never have to enter your CVV2.

So, fake fake fake, but all the Sony haters will keep hating.


----------



## 431unknown (Apr 28, 2011)

Well at first when I saw this specific news I was pissed of but not so much any more. The card I used when I first set up my PSN wallet expried this month and is now null and void since I already activated my new one I recievd 3 weeks ago. I'm still mad that Sony f'd up by not securing sensitive user info more securly.  I'd suggest everyone who had used a credit card on PSN to keep a look out at charges to your accounts. I will just to be on the safe side even tho that card is voided.


----------



## Guild McCommunist (Apr 28, 2011)

DarkCrudus said:
			
		

> @RangerRick Yeah, this information about the CVV2 numbers could be bogus. The guys selling the DB could just be making it up.
> 
> ...
> 
> No, I have not seen the DB so I can not verify that it is true



I'd still say this is a rumor at most.

Of course we all hate Sony but I guess the prick who hacked the system, forced the system to be shut down, and supposedly stole your CC info is an okay guy.


----------



## ShadowSoldier (Apr 28, 2011)

Guild McCommunist said:
			
		

> DarkCrudus said:
> 
> 
> 
> ...



Yeah, he's a pretty cool guy and doesn't afraid of anything.


----------



## DrOctapu (Apr 28, 2011)

Foxi4 said:
			
		

> It was me. I have the database. It was in .txt format. Give me your monnies and I will give you the .txt.
> 
> Nao.
> 
> ...


You kind of expect them, to, you know, fucking encrypt shit like this. They're realistically the ONLY company of their size that doesn't encrypt shit like this. It's unacceptable.


----------



## WiiUBricker (Apr 28, 2011)

Guild McCommunist said:
			
		

> DarkCrudus said:
> 
> 
> 
> ...



This +1


----------



## NiGHtS (Apr 28, 2011)

Thank god for my incredible hate of credit cards! Cancelled my debit card yesterday and ordered a new one!


----------



## ByteMunch (Apr 28, 2011)

Uh, why are sony saying CC data was encrypted?


----------



## machomuu (Apr 28, 2011)

Well, this really sucks.  I mean just...wow.  I don't really know how I can respond to this...


----------



## jaxxster (Apr 28, 2011)

Sounds fake to me! From the layout/format of the data they're offering it sounds pretty fishy.


----------



## shadowmanwkp (Apr 29, 2011)

DC>CC

Really, you get situations like this if you can get people to spend money they don't have REGULARLY. European people's mouths drop to the ground out of sheer shock when they hear that people in the US use credit cards for everyday stuff like shopping. Could easily be done with a debit card that already has the money you own. Really, you get situations like this if you make this happen all the time, forget to pay once and you have a debt. Hence why the credit crisis started, everybody spent money they didn't have (arguably, this isn't really a huge cause, but it did contribute to it).

Now, before getting angry, do mind this, it's actually the banks that got people to use credit cards, not you. They make it seem really cheap to use a credit card and you can easily get some money while you don't have it. That is why it is so tempting, and also the reason why people should stay the hell away from them, you'll be in debt by no time.

OT: From what I read this is fake, if they claim to have information they just could not have, then they're talking bullcrap. Rumor at best, but I don't believe a word. On the matter of Sony not buying the info: the hackers could easily give Sony the DB, but keep a copy themselves to sell for the highest bid. Not really a great deal when you want to cover up your customer's asses


----------



## notmeanymore (Apr 29, 2011)

Dude, if I were them, I'd take $1 from every account. No one would notice.


----------



## Assax (Apr 29, 2011)

SimpyDsi said:
			
		

> Uh, why are sony saying CC data was encrypted?



Exactly my point, they are being watched now anyway, I cannot imagine that they would lie about this, it would just cause more trouble than they already have.


----------



## Bladexdsl (Apr 29, 2011)

shadowmanwkp said:
			
		

> DC>CC
> 
> European people's mouths drop to the ground out of sheer shock when they hear that people in the US use credit cards for everyday stuff like shopping.


i use my debit card for lots of stuff to buy online (mainly ebay and amazon) i make sure there's just enough in there to cover the costs of what i'm buying that way if any1 does somehow get hold of the number and try to use it will be declined every single time


----------



## machomuu (Apr 29, 2011)

TehSkull said:
			
		

> Dude, if I were them, I'd take $1 from every account. No one would notice.


Best most harmless get rich quick scheme ever.


----------



## WiiUBricker (Apr 29, 2011)

TehSkull said:
			
		

> Dude, if I were them, I'd take $1 from every account. No one would notice.



You would steal money from other people?


----------



## Joe88 (Apr 29, 2011)

it sounds very fishy
this news only comes only after sony announces that CC numbers were not stolen

maybe to create fear mongering, or just a few internet trolls


----------



## BloodyFlame (Apr 29, 2011)

Joe88 said:
			
		

> it sounds very fishy
> this news only comes only after sony announces that CC numbers were not stolen
> 
> maybe to create fear mongering, or just a few internet trolls



Didn't they say that they may have been stolen, but there were unsure?


----------



## Bladexdsl (Apr 29, 2011)

TehSkull said:
			
		

> Dude, if I were them, I'd take $1 from every account. No one would notice.


and how are they gonna do that they don't have the card to get it out of the atm or the method to use their online bank account they only have the numbers. what are they gonna do buy something for $1 2.2m times online?!


----------



## KingVamp (Apr 29, 2011)

Can't believe Foxi4 think we have the right to be screwed. 
	

	
	
		
		

		
		
	


	





Wonder what he say if he was screwed.


----------



## Foxi4 (Apr 29, 2011)

KingVamp said:
			
		

> Can't believe Foxi4 think we have the right to be screwed.
> 
> 
> 
> ...



I wouldn't. I'm not dum-dum enough to put my adress and important information anywhere on the internet, for there is literally nothing that can keep that information safe.

Every bit on info that could cause me monetary, property or health damadge is held where it's safe - in my HEAD. Valuable lesson for the future.

You don't _deserve_ to be screwed, there's nothing that's stopping you from being screwed when you're not cautious though. Just call the bank and lock-up your card, how hard is that? They'll issue a new one within one week.

Welcome to the real world, where there is no such thing as an invisible net that'll catch you each time you fall. You fall - you facepalm againts the gravel. Whether it was your or someone else's fault doesn't really matter - you still should've straighten your arms in time, or at least be cautious.


----------



## Deleted User (Apr 29, 2011)

Did you have to use a credit card when you signed up to the PSN? I can't remember.


----------



## rockstar99 (Apr 29, 2011)

Saturnplanet5 said:
			
		

> Did you have to use a credit card when you signed up to the PSN? I can't remember.


Nope

and hope they have better security in the NGP.
I never use credit cards just those visa gift card things you get at the  stores so no problem for me


----------



## antwill (Apr 29, 2011)

jaxxster said:
			
		

> Sounds fake to me! From the layout/format of the data they're offering it sounds pretty fishy.


That and I'm pretty sure PSN never asked for phone numbers or CVV2 numbers either...


----------



## Jamstruth (Apr 29, 2011)

shadowmanwkp said:
			
		

> DC>CC
> 
> Really, you get situations like this if you can get people to spend money they don't have REGULARLY. European people's mouths drop to the ground out of sheer shock when they hear that people in the US use credit cards for everyday stuff like shopping. Could easily be done with a debit card that already has the money you own. Really, you get situations like this if you make this happen all the time, forget to pay once and you have a debt. Hence why the credit crisis started, everybody spent money they didn't have (arguably, this isn't really a huge cause, but it did contribute to it).


You are a LOT more at risk if you use a Debit Card 24/7, especially if you use it online. WHen you get a Credit Card there are extra security measures that will mean if you get your details stolen your money is more protected than if you had used a Debit Card. I can't remember the exact specifics though but the advice is often if you're buying online, especially large things: Use a credit card and pay it off at the end of the month.


----------



## jaxxster (Apr 29, 2011)

antwill said:
			
		

> jaxxster said:
> 
> 
> 
> ...



I'm unsure about that. I thought without that number its impossible to make an online transaction.


----------



## exentro (Apr 29, 2011)

jaxxster said:
			
		

> antwill said:
> 
> 
> 
> ...



Either way, you can still make an online transaction with PSN value cards. I don't own a credit card but i'm still able buy stuff off the PSN. I think it's best not to use a credit card for any online transactions


----------



## Maz7006 (Apr 29, 2011)

obvious trolls are obvious 

if i had 2.2 mill CC numbers, i'd steal 100$ from each one, rather than sell each for 15$ 

... how pathetic is this.; the chances if this is real is very slim. Regardless, it's something, if i ever used a CC number on PSN, i would have canceled it by now for sure.


----------



## shadowmanwkp (Apr 29, 2011)

Jamstruth said:
			
		

> shadowmanwkp said:
> 
> 
> 
> ...



You can block a debit card the same way as a credit card, in fact a credit card was less secure than a debit card for a while, because you didn't have to use your pin for payments, like that's more secure. There is also a lot more tracking on debit cards, ATM machines that are fitted with cameras, bank logs, secured connections while online and daily limits. And to top it all of, you're dealing with a bank, not a credit card company. A bank will understand situations better, because they can get a much better profile of your income and spendings. If they suddenly see your bank account being emptied they will see something is fishy. However, a credit card company only sees your expenses. If you suddenly spend a lot, it could be to pay your other debts, so they are much more skeptical when it comes to this. What the biggest risk of buying everything on credit is that you can get a HUGE debt if it gets stolen, while with a debit card there ain't much more to steal than the amount on your bank account. You can't deny the very fact that people can get money that there isn't while letting others sit with a huge debt.


----------



## FireGrey (Apr 29, 2011)

i don't believe this and i don't give a crap about it, i just want PSN back up


----------



## cwstjdenobs (Apr 29, 2011)

shadowmanwkp said:
			
		

> ...snip



CC's are great if you are not an idiot and use them where they are the better option. Your insured after a certain amount on a CC (I think it's anything over £50 in the UK), so if your not sure about the company you are dealing with the CC is the better option. In cases like this I'm pretty certain you could claim any money stolen back from either your bank or Sony if someone does steal stuff even on a DC though. I had a debit card cloned once, and got everything back in the long run. But it was been used hundreds of miles apart within in minutes so maybe that was because the bank should have noticed.


----------



## SifJar (Apr 29, 2011)

SimpyDsi said:
			
		

> Uh, why are sony saying CC data was encrypted?
> 
> Maybe because it was? The way they said it, the credit card info was in a seperate, encrypted table within the database (which if true would also make this story of the database for sale slightly less credible I think, it seems to suggest all the fields are in one table...)
> 
> ...



I'd notice. Any one else who actually checks their statements would notice.


----------



## Masterpaul (Apr 30, 2011)

Wasnt it confirmed a few months ago, that sony doesnt encrypt the data thats being sent?

Either way if this is true, it may do serious damage to Sony and there pretty much fucked for next gen.

And what da fuck? What company wouldnt pay to keep the credits cards secure? SONY! 

Actually I would be interested in Sonys CO credits cards... and donate all the money to Make a wish foundation under the name anonymous.


----------



## jaxxster (Apr 30, 2011)

Well i cancelled my card this morning. I said it had been comprimisied and before i said another word the lady on the phone said "playstation?" Shows that my bank have had alot of customers cancelling cards this week due to the scenario


----------



## antwill (Apr 30, 2011)

jaxxster said:
			
		

> Well i cancelled my card this morning. I said it had been comprimisied and before i said another word the lady on the phone said "playstation?" Shows that my bank have had alot of customers cancelling cards this week due to the scenario


It doesn't show that at all, it shows that the topic is very recent and has been all over the media, anyone could have known about it and guessed that you were sperging over it because of the whole PSN incident by simply being up to date with the news.


----------



## SifJar (Apr 30, 2011)

Masterpaul said:
			
		

> Wasnt it confirmed a few months ago, that sony doesnt encrypt the data thats being sent?



They certainly send SOME data unencrypted, but I don't think anyone could prove that they STORE the credit card information unencrypted (even if they sent it unencrypted or stored other info unencrypted)


----------



## NES SNES V.B. N64 G.C. Wii WiiU (Apr 30, 2011)

This would be really bad news for Sony, well if it was true! I highly doubt Sony would send CC data unencrypted, maybe personal detail, but not CC data. It's all fake, well not that it's been hacked but all this CC database junk is definatley fake. All I care about about now is PSN up and running again.


----------



## Deleted User (May 1, 2011)

That is slightly funny - "Stick DRM on everything", "Store credit card data in plain text"


----------



## GreatZimkogway (May 1, 2011)

NES SNES V.B. N64 G.C. Wii said:
			
		

> This would be really bad news for Sony, well if it was true! I highly doubt Sony would send CC data unencrypted, maybe personal detail, but not CC data. It's all fake, well not that it's been hacked but all this CC database junk is definatley fake. All I care about about now is PSN up and running again.



Pretty sure it was proven.  They didn't encrypt much of anything.


----------



## Pendor (May 1, 2011)

lilsypha said:
			
		

> They could not have the CVV2 codes. Sony doesn't even _ask for them_, let alone store them. Nice try though!
> ..but you'd already know that if you used a CC on PSN, because you never have to enter your CVV2.
> 
> So, fake fake fake, but all the Sony haters will keep hating.


They do ask for them. (Look for _Q: Was my credit card data taken? _, latest update). And about storing them, there must be some control procedures regarding PCI standards, but you can't be sure.  They do have access, therefore there's a possibility they could be storing them.

Seriously, do some research before writing stuff like that. Whatever side people are on is irrelevant, you're merely trolling just like everyone else.


----------



## Deleted_171835 (May 1, 2011)

Spoiler



[titlerotecting Yourself from the hackers][youtube]http://www.youtube.com/watch?v=oF29asqCv4Y[/youtube]


Sucks if this turns out to be true.


----------



## Hyro-Sama (May 1, 2011)

I pray this is just speculation. If this is true, Sony and its customers are fucked.


----------



## Lily (May 1, 2011)

Pendor said:
			
		

> They do ask for them. (Look for _Q: Was my credit card data taken? _, latest update). And about storing them, there must be some control procedures regarding PCI standards, but you can't be sure.  They do have access, therefore there's a possibility they could be storing them.
> 
> Seriously, do some research before writing stuff like that. Whatever side people are on is irrelevant, you're merely trolling just like everyone else.



Perhaps it's different depending on the country one lives in, but where I live, I have never had to enter the CVV2 of my credit card. They ask for name, billing address, credit card number and expiration date. That's it. They are one of the only places I've shopped online that do not require it. They also do not verify billing phone number like many other shops do.

..and learn the definition of trolling, you ignorant jerk.


----------



## Warrior522 (May 2, 2011)

I smell a troll. Why sell 2.2 million for 15 bucks when you can steal several hundred from each?


----------



## Pendor (May 2, 2011)

lilsypha said:
			
		

> Perhaps it's different depending on the country one lives in, but where I live, I have never had to enter the CVV2 of my credit card.
> 
> One's experience does not represent the entire PSN userbase experience. I think it's kinda obvious.
> 
> ...


Baseless statements provoking some other dude here.


----------



## Selim873 (May 2, 2011)

Quick, Sega!  Now's your chance!!


----------



## leeday100196 (May 2, 2011)

TehSkull said:
			
		

> Dude, if I were them, I'd take $1 from every account. No one would notice.


With 2.2 Million users? I'd take $0.01 or at most $0.10 from each account! You still end up with SH*TLOADS of MONEY!!!


----------



## Bladexdsl (May 2, 2011)

you can't even take 1c or 10c out!


----------

