Using PSN on PS3 Custom Firmware Could Expose Your Credit Card Details – Report
With Sony’s PlayStation 3 beinghacked to bits of late, it’s perhaps unsurprising that a possible security risk has been discovered.
As reported by Ars Technica, one hacker is claiming to have broken into the PlayStation Network (PSN) and in the process discovered that potentially sensitive data is being saved and forwarded to Sony, perhaps unencrypted. Worryingly, our credit card details are among them. According to the hacker in question, the card details are sent like the example below.
creditCard.paymentMethodId=VISA&creditCard.holderName=Max&creditCard .cardNumber=45581234567812345678&creditCard.expireYear=2012&creditCard .expireMonth=2&creditCard.securityCode=214&creditCard.address.address1= example street%2024%20&creditCard.address.city=city1%20&creditCard.address.province=abc%20&creditCard.address.postalCode= 12345%20
Worrying news indeed.
Firmly in the creepy corner, the Ars article also claims that your PS3 is constantly monitoring what you’re doing, what accessories are connected and even, wait for it, what kind of television you’re using!
"Sony is the biggest spy ever… they collect so much data. All connected devices return values sent to Sony’s servers,"
Freaky, yes, but possibly not information our hardware has been accumulating for a good while now. Are we just finding out now they’re starting to be hacked?
On a positive note, try not to lose any sleep just yet – all this panic about credit card details being sent unencrypted isn’t really an issue if your PS3 is stock and standard. If you’re the kind of person to dabble in a bit of jailbreaking and like to use custom firmwares though, you’re fair game.
All that’s required with a custom firmware is for a malicious hacker to route all PSN traffic through their own system, meaning they’d have access to anything that Sony does. That includes your unencrypted card numbers.
You can follow us on Twitter or join our Facebook fanpage to keep yourself updated on all the latest from Microsoft, Google and Apple.