Incidents

Playstation data for sale?

In the past few days we have read about how the Playstation Network has been hacked, and very sensitive information such as credit card information has been stolen. We are now seeing more activity in the underground community.

According to a forum post at PSX-scene rumors are spreading that the stolen information also includes the CCV2 numbers. A user on the underground forum Darkode says that the format of the stolen data would supposedly be:fname, lnam, address, zip, country, phone, email, password, dob, ccnum, CVV2, exp date

But In a statement from Sony on their playstation-blog they write that the hacker does not have access to the CCV2 code, the statement follows:

“Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

The question is who is correct?

I would recommend everyone with a PSN account to request a new card from your bank, and if you use the same password for Facebook, MSN, email or forums that you used on the PSN I would recommend thatyou change it on those other sites.

Playstation data for sale?

Your email address will not be published.

 

Reports

Andariel deploys DTrack and Maui ransomware

Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.

APT trends report Q2 2022

This is our latest summary of advanced persistent threat (APT) activity, focusing on events that we observed during Q2 2022.

Subscribe to our weekly e-mails

The hottest research right in your inbox