Your free membership in Debix’s AllClear ID Plus service (assuming you were a PSN or Qriosity subscriber as of April 20) includes 24/7 “cyber monitoring and Internet surveillance,” mobile alerts in case your personal info is discovered online, and—most importantly—$1,000,000 in ID theft insurance.

To sign up, visit this page and enter your email address; you should get a code for a year of AllClear ID Plus service within 72 hours, Sony says. (I just signed up myself, incidentally.)

The post Sony makes good on offer of free ID theft protection for PSN users appeared first on here's the thing.

The database includes names, user IDs, and their associated email addresses, although as Sophos points out, such info as telephone numbers and passwords appear to be “either missing or bogus.”

As of Monday morning, the entire SonyMusic.gr website looked to be down for the count; it’s not clear whether the site was kaput due to the hacker attack or because Sony had taken the site offline. Another possibility: a crush of curious rubberneckers.

The latest attack comes more than a month after hackers took down Sony’s PlayStation Network and stole a treasure trove of personal information in the process. Meanwhile, a Sony site in Thailand was found last week to be hosting a malicious phishing site.

So, why are Sony sites being hacked left and right? Is Sony’s online security team asleep at the wheel? Well, yes and no. Hackers are, indeed, taking advantage of very real, wide-open gaps in Sony’s online defenses. On the other hand, it’s “nearly impossible to run a totally secure web site,” Sophos notes—and for now, it’s “popular within the hacker community to expose Sony’s flaws.”

Here’s the thing: Given that hackers seem to have a bead on Sony these days, now is a good time to change any and all the passwords for your various online Sony accounts—and you might even consider deleting any stored credit card information, at least for the time-being. But just because Sony’s being singled out for hack attacks doesn’t mean that other online giants aren’t vulnerable, too.

Source: Sophos

The post Another Sony site attacked, user info stolen appeared first on here's the thing.

So, now that we’re good and paranoid, how do we go about buying things (like games, add-ons, movie rentals, and other digital items) on the PlayStation Network without the help of Visa or MasterCard?

Unfortunately, you can’t use a PayPal account for making PSN purchases as you can on Xbox Live, the online network for the Microsoft’s Xbox 360. Prepaid credit cards are no good either, and no—you can’t write Sony a check.

Just scratch the code off a PlayStation Network Card (or grab a code online) and plug it into your PS3.

What you can do is buy a PlayStation Network Card—a prepaid gift card that comes in denominations of $10, $20, and $50. Just scratch off the silver strip on the back of the card to reveal a voucher code, and plug that code into the PlayStation 3’s “Redeem Code” menu option (under PlayStation Network, Account Management). Of course, you won’t be able to redeem any codes until Sony finally re-opens the PlayStation Network store, hopefully by early next week.

OK, so where can you get a PlayStation Network Card? One option is to simply hoof it to the nearest 7-Eleven, CVS, Rite Aid, Kmart, Safeway, or Walgreens. You’ll also find the card on sale at big-box retailers like Target, Best Buy, and Walmart, or you could always go to GameStop or Toys “R” Us. (Sony has a list of retailers in the U.S. and Canada right here.) And let’s not forget the beauty of buying a PSN Card at a brick-and-mortar retailer: you can pay for it in cold, hard cash.

Rather not step outside? You can also grab a PSN Card from an online retailer—although if it seems a little silly to get a physical card shipped to your address, you can purchase an instant PSN code from the likes of Amazon and GameStop.com. (Yes, you’ll have to use a credit or debit card to buy an instant PSN code from, say, Amazon or GameStop, but hey—you won’t have to trust Sony with your info again, or at least not yet.)

So, for you PlayStation 3 gamers out there: will you go ahead and use your credit card again once the PSN Store goes back online? Or are you keeping your plastic close to your vest?

The post How to buy goodies on the PlayStation Network without a credit card appeared first on here's the thing.

Gamers trying to log onto the PlayStation network over the web Wednesday got this unwelcome error message.

The deal, according to Eurogamer: apparently, a flaw in web-based PSN sign-ins allows attackers to access an account if they have the victim’s account email address and date of birth. Unfortunately, those two pieces of private information were among the treasure trove of data scooped up by the hackers who raided the PlayStation Network last month.

The good news: Sony has already closed down any and all web-based PSN sign-ins, presumably while its engineers work to pin down the exploit. The bad news? Security experts are advising those of us who haven’t yet changed the email addresses associated with our PlayStation Network accounts to do so at once—and according to the site that first discovered the security hole, you should devise “a completely new email that you will not use ANYWHERE ELSE.” Ugh.

To change your PSN email address, go to the PlayStation Network hub on the menu of your PlayStation 3 console, select Account Management, and then Sign-In ID (E-mail Address).

Update: Here’s a new official response from Sony, which claims that “no hack was involved” in the discovered “URL exploit”:

We temporarily took down the PSN and Qriocity password reset page. Contrary to some reports, there was no hack involved. In the process of resetting of passwords there was a URL exploit that we have subsequently fixed.

Consumers who haven’t reset their passwords for PSN are still encouraged to do so directly on their PS3. Otherwise, they can continue to do so via the website as soon as we bring that site back up.

Good news, I suppose. I just wish we could get through an entire week without news of any more PlayStation Network security holes.

Related:
Sony’s PSN password page exploit [Eurogamer]

The post New PlayStation Network vulnerability discovered [updated] appeared first on here's the thing.

In a video posted Saturday on the PlayStation Blog, Sony PlayStation head Kazuo Hirai announced Saturday that the PSN was slowly coming back online with “greatly upgraded data security services” to thwart any new attacks. He also promised that “we will do everything we can to regain your trust and confidence” following last month’s disastrous security breach, which exposed the personal information—and potentially even the credit card numbers—of more than 70 million PSN subscribers.

I went ahead and logged into the revamped PSN earlier today—or rather, I did so shortly after installing the new, mandatory system update (version 3.61, to be precise). Immediately after logging on, a message popped onto the screen informing me that my old, compromised password was “no longer valid,” and that I’d have to change my password immediately. I made the change, clicked the “sign in” button, and within about 10 seconds, I was logged into the PlayStation Network for the first time in a month.

One of the first things I did was zap my old credit card information off of my PSN profile; you can do so by navigating to “Billing information” under “Account management” on the PlayStation 3’s XMediaBar. Just open the credit card screen and click the “Delete Billing Information” button.”

I’ve also decided that despite Sony’s assurances about its added security measures for the PSN, I’ll keep my credit card info off the network for now. Yes, I’ll probably break down and re-enter a credit card number at some point (not a debit card number, mind you), but for now, well … I’m just gonna wait and see if the PlayStation Network can go a full week without a critical data breach.

For now, I'll hold off on entrusting the PlayStation Network with my credit card number.

OK, so what’s working, and what isn’t? First, the good news. Yes, online multiplayer is back (I jumped into “Red Dead Redemption” and immediately got gunned down by a series of fellow, online cowboys), as are such third-party online services as Netflix, Hulu, Vudu, and MLB.tv. Also back online: Music Unlimited subscriptions via Sony’s Qriocity service, along with the PlayStation Home virtual world. The bad news? For now, the PlayStation Store remains down for the count.

Sony has posted an FAQ on the current state of PSN right here, along with repeated assurances that the company will offer “make goods” for member who’ve been locked out of the network. Details on the “Welcome Back” package will arrive in the “coming days,” Hirai said on Saturday’s video.

Update: The details of the North American “Welcome Back” program were just announced, and they’re not bad. PS3 owners will get to pick any two of the following games, which you can keep forever:

• Dead Nation
• inFAMOUS
• LittleBigPlanet
• Super Stardust HD
• Wipeout HD + Fury

PSP owners, meanwhile, will get to choose two games from this list:

• LittleBigPlanet (PSP)
• ModNation Racers
• Pursuit Force
• Killzone Liberation

Also, Sony will be offering 30 days of PlayStation Plus access for non-members (or 60 free days for existing subscribers), as well as gratis “On Us” movie rentals and 100 free virtual Home items.

The freebies should be available “shortly” after the PlayStation Store goes back online … whenever that is.

The post The (almost) revived PlayStation Network: what’s working, what isn’t appeared first on here's the thing.