Howdy, Stranger!
It looks like you're new here. If you want to get involved, click one of these buttons!
Quick Links
General: A Tough Break for SOE
SBFord
Former Associate EditorMember LegendaryPosts: 33,129
Sony Online Entertainment has been in the news lately after a series of hacker attacks both on the Playstation Network and the Sony Station. In today's column, MMORPG.com Lead Writer Bill Murphy talks about SOE's difficulties and the wider implications for -all- game companies. Check it out!
It’s a tough break for a company that once was the king of pretty much anything they touched. But I’m fairly certain the whole situation will barely effect PSN numbers and earnings in the long run. Console owners, if the failure and retention rates of Xbox 360 owners are to any indication, are decidedly more forgiving than PC gamers. No, I’m worried that this whole unfortunate series of events will further bring the hammer down on SOE and trouble a once venerated publisher even more than it has been by recent failures and missteps.
Read more of Bill Murphy's A Tough Break for SOE.
Comments
For SOE I agree, they are a horrible sub-company, but Sony Playstation 3 is still the undisputed technical king of consoles and have sold quite alot of units to be considered a success.
So Sony as a company is still in a good place, SOE on the other hand should be scrapped. They have not produced anything on remotely the same level of EQ 1 and their latest debacle, DCU, is sinking faster than a rock in water.
My gaming blog
Well....SOE didn't even create EQ1, so can't give them credit there. They did take it over and they brought a lot of good things to it though.
30000 SC (cash shop points) points when I log back into EQ2, that would be acceptable.
And a week of double all types of XP.
Currently Playing: Perpetuum
MMOs Played (most time spent to least): World of Warcraft (BG/Open world PvP focused), Lord of the Rings Online (PvMP focused), Warhammer Online (BG PvP focused), Global Agenda, Age of Conan, DC Universe Online (PvP focused), Runes of Magic, Allods, Aion, Fallen Earth
LOL, you know what I just heard there, "Yeah well my Xoom, has better specs than your iPad 2."
Not knocking the PS3, I have a PS3 and 360, and when it comes to a dual system game, I fall on the side of Sony, but that just made me laugh
inside i laugh quietly.. so freaking tired of those HUGE multi billion companies taking over everything, that i really enjoy seeing them get beat down once awhile.
I feel sad for all the user that is the REAL victims here
Who is next, EA or Valve.. hmm.. anyway i wish the best for all the users who where victomized by this incident. and just hope it comes out on the other side better than they entered this crysis.
------
Playing MMO's since my first which was Ultima online, then Anarchy online. and so on..
Now a days im very critical before i ewen bother downloading a Free to play mmo.
Maybe this is just late revenge for the NGE fiasco?
And if anything EA is next, Valve hasn't done anything to warrant an attack. Unless you are one of them who thinks they are ruining the game with hats, which is just ridiculous considering they have no effect on gameplay.
My big hope out of all of this mess that Sony has found themselves in is that not only will Sony beef up their security, but that other companies will take note, and do the same.
Same goes for the end user(s) as well. Working in Tech Support for a financial firm, it was shocking to see the user names, and passwords, people were using for accounts with what amounted to their life savings in them. Some of them in the millions of dollars. And I'd be willing to bet a majority of these people use the same id/password for their bank, forums, email, etc.
The depressing part of this is that, in this day and age, there are still places out there that only allow alpha, or alphanumeric, passwords. No special characters, and not case sensitive.
I don't think the troubles for Sony will end here, either. Once they get a new system in place, and bring PSN, and SOE, back online, they're gonna get hammered awfully hard by people trying to make a name for themselves. Best of luck to them, but I wouldn't want to be a member of their IT security team right now.
I don't feel badly for them as a company at all. They have continually been their own worst enemy for a long time, and spit in the face of gamers. They are the only gaming company I know of that seems to hold their players in such condesension and derision. So when a large corporation puts that negativity out there in the universe it's not surprising it will come right back to them.
SOE is and has been its own worst enemy. from straight out lies to double talk worthy of politicians those running the show at SOE have alienated customers and burned bridges left and right. All the while thinking everything they touch is golden. I bet they were really shocked at how quickly people abandoned their newest game DCUO. Myabe SOE will finally realize that we will not accpet the same old same old from them.... nah theyll never learn that lesson.
Watch your thoughts; they become words.
Watch your words; they become actions.
Watch your actions; they become habits.
Watch your habits; they become character.
Watch your character; it becomes your destiny.
Lao-Tze
How do you compensate someone that might have to deal with ID theft for the next few years.
"30 days of free play time?"
I don't think so
Velika: City of Wheels: Among the mortal races, the humans were the only one that never built cities or great empires; a curse laid upon them by their creator, Gidd, forced them to wander as nomads for twenty centuries...
This is an awful nightmare for a company, and I do feel bad. They are humans you know, despite what you think about SoE they aren't perfect.
Gosh...glad to see you guys finally heard about this story!
Batman mask and a TCG card. That's all they need to offer to make this better. I mean, NGE was their fault, but this is out of SOE's hands. SOE was just innocently trying to run an honest business right?!
Bill...SOE is a victim of the hacker, sure, but they are guilty of being lax and negligent on the security of our information.
This isn't a "tough break" - this was a "finally caught" imo.
They'll never been the same anymore. I don't see how anyone could trust them now after what has happened. As a customer would you give them your creit card number again knowing what just happened ? I know I wouldn't. Sorry but I'm not a glutton for punishment.
i totally agree, and thats why i will never trust them with my details or sub again to any of there products, my swg sub ran out the week before this happened and my ps3+ account 3 weeks before but i will never use a debit or credit card with sony again after this, and this goes for any company that i trusted to look after my details, and fails.........
Playing: FFXIV
Future: wishing for SWG 2, World of Warcraft Classic
Played: Most current and extinct MMO's - 18 Years in....
Interesting Fact - I own 27 Tarantula's
Had a math professor once tell me something that I live by. His mantra was, "Breaks are given rarely by luck and chance. The majority of the time - they are earned."
Either by forethought or planning, scaling or building - in this case it would seem that Sony wanted to get by on chance. Which is all fine and dadny if it is their money and information. But if it is my information (in both db's btw), I tend to stick to places that don't go by chance say like a bank or a "compliant to the laws and guidelines of accepting banking information" business. As bad of a taste I have in my mouth over the NGE thing - I still assumed that one thing that Sony took seriously was money. It is a for profit business.
However, when I read reports like these
http://consumerist.com/2011/05/security-expert-sony-knew-its-software-was-obsolete-months-before-psn-breach.html
http://www.asahi.com/english/TKY201105040107.html
http://www.dualpixels.com/profiles/blogs/sony-knew-their-shields-were
And the myraid of other details and stories covered on the front pages of other gaming sites, frankly, I have my doubts about how seriously they approach the matters of income and compliance.
Simply put, other large companies may well be targets but the fact that they were not hacked twice shows me that at some point somewhere - their network security guys didn't get a break. They earned it.
Oh, and that there is a lingering chance the hacking goes back to late last year . Such things can be found here as posts in your forums - if you pay attention to the patterns and posts.
@stayontarget
Sony has all ready linked people to the big 3 major credit agencies with step by step instructions on how to flag your credit for intrusions. They have also offered free ID theft protection for those effected. Anyone who didn't take advantage of that and/or imediatly order new credit cards and change all pass words to *real* passwords need to get off their arses and do that..
But really anyone who uses their real information on the internet needs to be taking steps to protect themselves anyway.. Its not the job of the companies who you pay to protect you its your job..
Hell it wasn't that long ago that some idiot left his breif case on a taxi seat with thousands of peoples personal info in it? Didn't anyone learn then?
Anyway .. Sony will end up giving up allot after this mess to keep their customers and try to salvage any reputation they have left.. To be honest they are going to be a tight ship once it is over and will have taught a valuable lesson to all the ecomerce participants in the world
While I can understand that concern, since it was mine, it was only the database which held names and addresses. Credit Card info is in a completely different database, which was untouched and would be a hell of a lot harder ot hack since that's on a federally regulated level, iirc.
Still sucks though, and it does worry me. But not because of the crappy information stolen, stuff you could google anyway, but because the whole situation was lame. Network down for a while, not being able to play your games online which lets face it, is half the fun these days considering the ridiculously short length of many of them.
Those hackers are asshats, getting offended by something that had nothing to do with them, and indignant over something they're in the wrong about to begin with. The only people that really suffered are the players. SONY looks like an ass, yeah, but they'll get over it and they will move on. It's the people who play the games that got the short end. I hope they weren't trying to endear their pompous asses to anyone.
"Forums aren't for intelligent discussion; they're for blow-hards with unwavering opinions."
Sure they will.
The day these services come back online, people will clamor to the PSN/SOE networks and gleefully plug in their new 16 digit number so they can collect their Batman mask.
However...litigation might sink em. But that's years away.
I'm not a sony fan boy, just starting off with that, but I am not 100% blaming sony on this. They attacked someone intially that hacked their property, the software of the PS3. One hacking group, Anonymous, claimed they would retaliate against Sony. With a whipping boy in place, it set in motion for other hackers (and a good hacker can crack pretty much anything) to take from Sony, with blame being diverted by them.
right now we are having to take SOE's word for that and they have already lied about what was taken and which databases were affected once. Quiet frankly Im not going to believe that our creadit card info is safe until one of these independant impartial 3rd party security experts theyve claim to have hired says it wasnt stolen
Watch your thoughts; they become words.
Watch your words; they become actions.
Watch your actions; they become habits.
Watch your habits; they become character.
Watch your character; it becomes your destiny.
Lao-Tze
If you really believe they aren't in fault and this was just bad luck you most be on their payment roll or you are reading very selectively on reports across the web or really just believe their official press releases.
Sorry, if i come across harsh but it has been proven that their system and security in place was out of date and you should do what every writer on a game site does and that is first acknowledge it and then warn your readers.
In addition they got hacked a year before aswel and they declared war onto hackers. There's no bad luck involved here, none at all and saying that it's just bad luck makes every online company look just as incompetent incorrectly and is downright insulting.
Even doubting the fact that they have any responsibility in this, i'm ashamed in your place with such statements.
This is just an aspect of a bigger problem of arrogance.
I mean I lost ALL of my SC points because I tried out that kiddie star wars thing. I left and it continued to eat SC points every month for over 6 months without sending any emails or anything despite no logons -- the first email I got from SOE was that I didnt have sufficient points for a renewal.
Then their CS pretty much told me to go away.
It was obvious from their records that the last logon was over 6 months prior. While I think every SC automated purchase should generate an email anyway, if you havent been on a game for 2 months and it is draining funds at least a little "Is everything ok?" email would be good.
At any rate they said they wouldnt help me at all when I contacted them and it really left a bad taste in my mouth.
Did it help SOE any?
In my case I dont think so. I had enough points for an EQ2 expansion and that was what I was planning to use them for -- to give EQ2 another go at some future date when they had more content. But you know what -- without those points -- I DIDNT. So they lost a couple of months of subscription fees and maybe more down the line, plus an opportunity to get me into the fold.
-----
As for this specific problem -- this was arrogant negligence plain and simple.
They have your data for completely inactive and LONG TIME inactive accounts accessible on the internet.
They didnt keep their security up to date making it easy to hack into.
----
Anytime you stop using ANY service all of the customer data should be either deleted or archieved to off-line storage. There is simply no excuse for 7 year old data to be accessible on the internet.
There is little excuse for having any of that accessible online anyway. I mean why does the credit card number need to be easily accessible? Certainly the personal data shouldnt be.
The customer data should only be able to be pulled one at a time for when people change that data. If any connection is pulling multiple amounts of character data it should be shut down immediately and it should not be easy to do (forced delays etc where it takes 2 seconds to pull the data by design would stop someone from pulling MILLIONS even if they found a way to).
Payment dumps to the CC companies should be very much restricted to a specified function which connects directly. No data in that manner should ever be able to go anywhere other than hard-coded to the CC company itself.
----
Thing is they didnt care and they should pay for it.
I chalk this one up to another in a long line of poor decisions made by SOE over the years. It fairly obvious by reading all the news reports they were rather lax in their security measures.
People who were playing are likely waiting to get their "fix", mask or no mask.
Litigation, fines from various countries, cost of 3rd party security firms and ongoing legal fees(from now until the end) are not going to help Sony. Which pretty much will mean people will likely lose their jobs and that's sad really.
Hopefully if they find out who is responsible for this.. there will be some anger left over towards them. I also hope they are in a country where they will face the lovely consequences of some legal system.. and have years to forge new personal bonds of friendship with their fellow man..