TruRowe
30.8K posts
TruRowe
@_TruRowe
Front-end developer. Video games. Trophy hunter. Gwrys yn Kernow. Learning Japanese. Restore Britain supporter.
An update! I'm sorry I've been quiet, but I've spent the last couple of days learning as much as I can about PSN account theft: How long it's been happening, why people are being affected, and so on. I've likewise exchanged a ton of emails with and spoken extensively on the phone with multiple high-ranking people at Sony in different departments over a series of lengthy calls. I want to sincerely thank them for listening, asking great questions, being thorough and thoughtful, and doing everything they can to help. I owe them a lot, and it's through their efforts that I hope we will see action. On the next episode of Sacred Symbols, I will go deep into what we've learned (and because it's so important, we will make this episode free-for-all upon release this Friday). The reality, as far as we can tell, is that the PSN is extremely vulnerable to so-called "social engineering": Using completely mundane information -- like what you'd find on a Wal-Mart or Target receipt (if that) combined with nothing more than an email address -- and using those details to hijack innocent people's accounts via call center customer service representatives. This technique completely circumvents not only your password, but your 2FA, etc. It happened to me, it's happened to many others, and it will continue to happen unless fundamental changes are made. In addition to the people at Sony that have been so helpful, I want to thank people in my community with IT, infosec (etc.) backgrounds who have stepped up in major ways, all without being asked. We've learned an enormous amount about the who, what, where, why, and so on, all because of these people volunteering their time and effort. I'm actually (pleasantly) shocked how good these folks are. We have been and will continue to be passing along everything we've learned (and continue to learn) to Sony, in hopes that we can be useful in solving this major problem for the entirety of the PlayStation community. Ultimately, I have two goals: 1.) To help convince Sony that they need to make serious, immediate efforts to secure people's accounts on PlayStation Network. (We are in this stage.) 2.) To help reunify people with their stolen accounts. (This is a big one, and my heart is so heavy for people who have lost access, sometimes for months and even years, through no fault of their own, and with seemingly no recourse for them. It's simply not fair.) More on the show! In the meantime, be well. <3
State of Play returns on June 2. The over hour-long show includes an extended look at Marvel’s Wolverine, plus news and updates on upcoming PS5 games: bit.ly/3PBh16z
State of Play returns on June 2. The over hour-long show includes an extended look at Marvel’s Wolverine, plus news and updates on upcoming PS5 games: bit.ly/3PBh16z
