@sony @Mathieulh be warned the fraudsters have started!!! (someone made an online transaction on a cc that was last used on psn (a year or so ago) fraudulently today! but the card was destroyed shortly after my last real transaction),
offending IP, are being traced by my ISP, and the one that worries me Source:18.104.22.168,3478 which resolves to
[DNS] Canonical: a22.214.171.124.deploy.akamaitechnologies.com Numerical: 126.96.36.199 (aka psn)
My ISP has comfirmed the request originated from ^ IP, but will pass further details to the team investigating the fraud at my bank.
Once again, my details have not been connected with my account for over a year, and the fraud took place today, even though the account in question has only ever been used on the psn (once last year!!!).
It appears sony are lying and that details are held for far longer than when you delete the info from your ps3, and that the info is readily obtainable by the hackers/script kiddies sthat know how!. (phoned sony less than half hour ago to report the incident and was told that the details arent kept (clearly they are).
Unfortunatly in as a result of this incident, it now clear to me that sony really arent encrypting any data, and once the incident has been dealt with by my bank, depending on the outcome, I may persue further charges against sony.
Deleting your account info/card details clearly doesnt work to stop this from happening, so I can only advise you keep an eye closely on your bank statements (for cards/accounts that have been used on the psn). and look for small amounts that you havent made. (in my case £1.74 to a travel agent (likely a fraudulent site set up just as a front to hide the fraudsters real intentions). I was lucky and my bank phoned me as they were aware I had not used my account for quite some time, and they felt something wasnt right.
In the interest of security, I advise anyone on efnet #ps3dev (or other chans) to definatly check your accounts for today, as all the other offending IP's originated from there, which gets my spider senses tingling that a spy/fraudster is among you!
My router log is as follows, with my IP removed (it has been changed since pasted, but my IP is xx'd out.
This is not coincidence at play, as there is no other possible way for my details to of been obtained, as all info is securely disposed off at my end (and in actual fact stored inside my property till it can be disposed off safely and securely). I have not lost the card, (it is still shredded in my drawer (and will remain there till the account in question is closed).
@BBCWatchdog, I think you have a case to investigate here!!!
Log's that enabled me to figure all of this out are here http://www.pastie.org/1599044
@sony shame on you!! getting cocky gets you exposed, security like this should never be overlooked, and nothings unhackable!!