Aussie PSN User Has $2000 Of Unauthorised Charges On His Credit Card

Aussie PSN User Has $2000 Of Unauthorised Charges On His Credit Card
To sign up for our daily newsletter covering the latest news, features and reviews, head HERE. For a running feed of all our stories, follow us on Twitter HERE. Or you can bookmark the Kotaku Australia homepage to visit whenever you need a news fix.

The ABC has just run the story of an Adelaide PSN user whose credit card has been compromised in the wake of the PSN breach. His card has racked up $2000 of debt over the past couple of days.

Rory Spreckley noticed that the charges were preceded by a handful of $1 charges, a technique cyber criminals typically use to test if credit card details check out.

“I logged into my bank account just to check everything was OK and I found out there was some just over $2,000 in charges which I didn’t personally accrue,” claimed Spreckley.

Although we can’t be 100% sure if this is related to Sony’s breach, this is a timely reminder to be vigilant with your details, and contact your bank the second you see any suspicious activity on your account.

Has anyone else had any issues since the PSN breach? Email us here with the details, or drop the info in the comments below.

Hackers run up debt for PlayStation user [ABC]

Comments

  • Nothing here. Got a replacement card yesterday, just to be on the safe side.

    The fraudsters apperently charged domestic flight within Australia and hotel bills. Seems unlikely to be tied to the PSN to me.

    • ZOMG! nothing to see here?

      from Sony’s Q&A:

      Q: Was my personal data encrypted?
      A: All of the data was protected, and access was restricted both physically and through the perimeter and security of the network. The entire credit card table was encrypted and we have no evidence that credit card data was taken. The personal data table, which is a separate data set, was not encrypted, but was, of course, behind a very sophisticated security system that was breached in a malicious attack.

      Q: Was my credit card data taken?
      A: While all credit card information stored in our systems is encrypted and there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained. Keep in mind, however that your credit card security code (sometimes called a CVC or CSC number) has not been obtained because we never requested it from anyone who has joined the PlayStation Network or Qriocity, and is therefore not stored anywhere in our system.

      • He said “nothing here” regarding himself.

        Anyway – it’s going to teach a lot of people to be more careful. To be fair, when you out these details into a system like the PSN, you should expect total security for your information no matter what. But I think its stupidity half the time when your storing the information on there – it’s not difficult to buy PSN cards, I know its the hassle of doing so, but still.

        Much like people who pay for something & don’t ask for a receipt, complain at a price but have no proof. If they gave a crap to begin with, they wouldn’t have a problem on there hands. Or people who do direct debit for things and go through a renewal for a phone, internet, insurance whatever and then call their company 6 months into there renewal blasting them for taking money cause they fail or are too stupid to check their bank statements that their renewal & debits continued due to laziness of cancelling or what not.

        It’s a lesson to be learnt for both sides.

  • I won’t say one way or the other, but we do have to remember that credit card fraud happens every day – of millions of accounts, we’re not hearing about mass fraud, just isolated cases. Might need a grain of salt.

    In any case, just glad I always bought the PSN cards rather than using my CC 😀

  • Cancelled my card and had it reissued yesterday afternoon. Despite the inconvenience I truly recommend everyone do it.

  • Thankfully the credit card I use for the internet has a very low limit and had expired about the day before this all came to light. I still had to change a tonne of passwords, though.

  • More likely a coincidence than it being related. It’s somewhat unlikely that who ever perpetrated this would want to use the details so soon, it’s going to be covered and scare people into changing details – making the list worthless. Plus they’re unlikely to be in Australia and want domestic flights and hotel bookings…

    • better safe than sorry. I don’t use PSN, but personally, If someone told me that my credit card info ‘might’ have been stolen, then I would cancel that shit faster than Arrested Development. Especially seeings as I have a debit card, and money spent on it is taken right out of my savings account…

      I would very highly reccomend anyone who has used PSN to cancel their cards

  • Can’t believe how lucky I got with the timing of my old card expiring last week, so even if they got the details they can’t do much with it.

    I guess there’s still the risk of identity theft with my name, address, etc that’s on there, but anybody can get that kind of info just by opening my mailbox while I’m at work or looking at the electoral roll so I’m not especially worried about that.

    • Braains you still should cancel the card. I have had cards expire in the past and during a transition to a new one, transactions from direct debits still flowed

      i asked the bank and they said as long as a txn from that company has been auth’d before, teh expiry date is ignored.

      Don’t think you are home free yet 🙁

  • “@davidwildgoose: Pretty sure the PSN hackers got my creditcard details. There’s all these weird, random debits from something called Steampowered on my bill” – me too!

  • I had 2000 dollars worth of unauthorised charges as well… just as soon as i finalise what type of shipping i want on this stuff.

  • I can’t remember whether I’ve ever bought any PSN games because I share with a mate of mine. I probably should replace my CC though just in case.

    Hope PSN comes back soon. This must suck for Sony and Sony gamers. As a PC gamer, my heart goes out to you all.

  • Cancelled my card. It’s an inconvenience this week, sure, but it makes me feel that that sliver of chance where it might be used for nefarious means has been dealt with. 🙂

  • Any way if you can work out whether you put your CC details into your PSN account since you can’t log in? Don’t use it at all really but not sure whether it may have been used in the create your account function?

    Cheers 🙂

  • Yeah, just cancelled my debit card and got a new one, changed my passwords. Pain in the arse but much better than worrying about it.

  • I had the same thing happen with my credit card about a month ago, so I got it cancelled and reissued to me. Had this happened in the last couple days instead, I would have naturally jumped to the PSN conclusion. Point is, if 77 million accounts have been hijacked, there’s going to be some coinsidences crop up. That said, it’s not a bad idea to just get your credit card reissued anyway as a safety measure.

  • If it was plane tickets, then I doubt it’s related. About 2 years ago my CC was used to buy 2x Sydney->Singapore tickets on Tiger, ~$2000 total. Fortunately commbank’s fraud department was quick to react once I called them and negated it, transfered my actual balance to a new card, etc.

  • Luckily, i only ever buy PS cards and 360 Points with cards bought from stores/online so i haven’t had to put my CC info into the PS3/360. Any other info i put in there is fake (address, DOB etc…) more because i didn’t want noobs on LIVE/PSN looking up my account rather then security but that is an additional benefit.

    I feel sorry for anyone who has been effected by this though… Also i hope this dosen’t impact too much on Sony and the Gaming Industry as a whole. I do think Sony should suffer a little bit because from what i am hearing their security is shit but i hope their mistakes do not reflect poorly on Microsoft/Nintendo and other developers/publishers.

  • Card replacement is the best way to go. Considering sony will not directly admit that this information has been obtained. Everything I have read puts it as a possibility – always damage control by these corporations, restricted honesty. End of the day it comes to inadequate security in the first place.

  • I bought something on the PSN once. No idea how much personal info I entered in the process. How can I find out what Sony had on file for my account?

    Would they keep my CC on file if I haven’t subscribed to paid services?

    • Probably. I don’t often purchase things from the PSN but if I remember correctly it’s one of those online stores that saves all your information so the next times you go to purchase something you don’t have to put it all in again, you can just hit the buy button.

  • What annoys me most about this is I don’t even know what details I’ve go stored on the PSN, and I can’t check! I don’t think I’ve ever used my credit card on the PSN, but I’d like to check before getting a new card and cancelling all my DD’s. Also I don’t know what e-mail address I used when setting up my account, I thought Sony was supposed to be sending out e-mails to customers?

    • If you are unsure, do a search in your previous emails for anything from playstation.net and wallet fundings.

      It will have the type of card along with the first and last set of digits from the card used.

      • Had a bit of a search through my e-mails, couldn’t find anything from PlayStation or playstation.net. Doesn’t help that I don’t know what e-mail address I used when signing up……….

  • Also change all passwords that are identical, or similar to the one(s) used on PSN. I’m sure the “hackers” have automated programs running those passwords on popular sites such as facebook, online banking facilities and various Email sites as i type this.

    Very disappointed with SONY tbh. So much so in fact that i am thinking of stepping away from SONY altogether. Their arrogance so far was just a nuisance, but now that my identity has been compromised, together with 77 million other users i feel this has gone far enough.

    I mean, they didn’t even bother to encrypt my data. All plain text, in the open ( no firewalls either) on their servers, in 2011. In fact, this is borderline criminal behavior according to the global Payment Card Industry Data Security Standard council.

    Shame on you SONY, Shame shame shame.

  • I’m not too worried about my CC, it’s easy enough to cancel a card.

    My main worry is what someone could do with my Name/Address/DOB?

    surely this is of more concern than anything else?

  • Here’s the thing, if you look at the ABC site it says they purchased airline tickets (requires name and id), stay at a hotel (easier than flying but still) and they were all within Australia.

    This means that either the hackers that took everyone’s information are in Australia, or the more likely explanation is that he bought something online months ago, had his details stolen and the fraud happened coincidentally at the same time the PSN account details were hacked.

    It’s happened to me before in the UK and 3 months later I was maxed out buy purchases in the UK when I was in Australia.

    I’d just get new cc details, much easier than the worry.

  • Odd’s are that of the 77 Million PSN account holder a few would be victims of CC card fraud each day.

    Problem Sony has is they’ll be the whipping boy for them for years to come.

  • there’s no evidence suggesting that it was from the psn attack, i know for a fact theres a recent CC scam wave going on, by the looks of it by internet bankers. Girlfriends step-dad got charged $500 for something in Nigeria, a mates mother got charged $2000 for jeans in new zealand, and a workmate of his $1500 in a servo in germany, and this was within a space of a couple of weeks.

    They shouldnt use psn as a scapegoat, unless they can truly prove it was at fault

  • Between 70 and 80 million users had their stuff compromised so it could very well be a coincidence seeing as this type of fraud happens every day. Hopefully it is indeed a coincidence otherwise this is going to be a righteous mess (not that it isn’t already).

  • Cancelled and replacing. It’s probably going to have turned out to be overkill, but my card was almost expired anyway and living without a credit card for one weekend won’t kill me.

    Also changed the one password I had which overlapped with my PSN password. Not a particularly important one (if you have the same password for stuff like internet banking or main email account as you use for anything else in the world, you are a fool) but just for the sake of it.

    I did get yet another Facebook phishing scam email last night, which potentially could have used stolen PSN personal details for my name and email address.

  • Rory here the aussie in question. just want to clarify i never said that this was as a result of the PSN data leak but that it was a worrying coincidence and investigation needed to occur. Last night when i was speaking to journos and watching twitter there were a large number of people claiming their credit cards were also infringed. That said still no contact from Sony other than the email received today 10 days after they first identified customers. This and the fact name/address and whatever else i provided is surely the bigger issue that the 2k the bank should reimburse me.

  • I only just recieved ‘the email’ today. I’ve never really used my account(s), though. But, surely Sony should have said something *before* people noticed 2000$ of charges?

  • two people out of 77 million have claimed to of had there data stolen. One on the news, one on forums. It really doesn’t sound convincing yet, you would expect reports of thousands or tens of thousands of users reporting the problem not one or two.

  • My friend ended up with a $400 bill from having his details stolen from the PSN. They used his credit card details online and spent up on iTunes. 🙁

Show more comments

Log in to comment on this story!