SOE Security breach

Wall Street Journal

Front page, above the fold, of the business section of yesterday's WSJ. Apparently the 26.4 million SOE accounts were also affected by previous hacking attempts, but what got my attention was:

"The company said it doesn't believe credit-card information on those accounts was accessed, but said hackers may have stolen credit-card data for about 12,700 non-U.S. accounts and 10,700 bank-account numbers from an "outdated database from 2007." "

I'm pretty sure we were all playing before 2007. I don't have any cards or accounts that I used for SWG anymore, but it would be prudent to keep an eye on your accounts. It's not that the game needed another nail in the coffin, but...

And that's why I go to school to do what I do. Companies don't realize how important it is for security to be monitored on their networks 24/7/365, as well as backup plans in case their security is breached.

I say kudos to the hacker or hackers that got in not once but twice. Especially for the second time, when they were already on high alert where cyber-security was top priority.

Also, if the database was "outdated" meaning that it was no longer in use or up to date, it should have been taken offline years ago especially with important information on it such as account/bank info. Or at the very least updated, to protect that information.

I think this news really shows the integrity of SOE, and should be something all companies can learn from whether it is in the gaming business or not.

Well, to be perfectly honest, even if you did happen to have the same account, with the same card number, the likelihood that they would be able to use that information is slim to none. Cards expire for a reason, and they would need the correct expiration date in order to make a purchase. Also, please keep in mind that if you have a debit card/credit card, it's likely through VISA or MasterCard. Both of these Transaction Couriers have Zero Liability clauses in the case of lost/stolen cards. As Scythe mentioned, keep an eye on your account. Just don't freak out if you see a transaction, as it can be corrected. It's advisable that you change your card number, which is typically easy to do, if it's not too disruptive to your automatic charges.

hehe the credit card I used when I had active SoE accounts I tore up a couple years back . my current card is still at it's normal balance of 0 and from a different card issuer .

Damnit i'm still using my current credit card for SWG and Pirates of the Burning Sea, should I cancel my accounts now?

Canceling your account won't do anything at this point, just keep watching your credit card in case something happens. Your other choice is to cancel your credit card and get a new one issued to you, also just in case

Actually being reissued a new card and number while the old number becomes invalid will stop anyone from using your CC. Most CC companies are happy to do this free of charge if you believe your account information was stolen as the alternative is them paying fraudulent charges.

I think any cards I used with them expired. Been more than a while ago.

As I understand it the cards were not from the US that were stolen. I still use the same card but it expired a while ago and I have a new one. I put a fraud alert on my credit report to be safe, and I've had a credit report monitoring service for years now. (Due to some ass from a few years ago.) As long as you keep an eye on it you should be fine. We shall see.

As I understand it the cards were not from the US that were stolen. I still use the same card but it expired a while ago and I have a new one. I put a fraud alert on my credit report to be safe, and I've had a credit report monitoring service for years now. (Due to some ass from a few years ago.) As long as you keep an eye on it you should be fine. We shall see.

....Hey!....I said I was sorry...

...and it happened again. I guess not as bad, but still. I almost feel guilty for feeling so good about SOE being publicly humiliated.

Sonypictures.com got hit not long ago with a simple injection exploit that retrieved plain text passwords, ie. not encrypted at all. How the hell that happens is beyond all understanding.

I've got one word for you, just one word, Outsourcing.

SOE robbed 15 bucks from my account on a monthly basis for over a year. Where was the fraud protection on that one?

not encrypted at all. How the hell that happens is beyond all understanding.

I think its beyond hilarious. Sony sues a guy for jailbreaking a PS3 because they are afraid someone is going to play some burned bluerays (who has a blueray burner anyways?) and they get shut down for two months. I think one could call that Karma.