Jump to content

PSN Account with 2FA Hacked - Make sure you switch from SMS to Authenticator App


gooner4life
 Share

Recommended Posts

Yeah, I don't believe that not using card payment is a massive inconvenience - cdkeys send codes moments after payment and the few minutes spent tabbing to your email and then back to the store aren't a big deal. If a new release is available or a sale is on, I budget in my head, buy the appropriate credit and make the purchase. Aside from spare change, the credit that hackers would steal from me would only be available for a minute or two before I spend it ;) 

Link to comment
Share on other sites

19 minutes ago, Popo said:


Its the first 2FA bypass I’ve ever heard of. 

 

YAY me, first in the world!! :lol: but on a serious note, somebody on Reddit said that a kid hacked him while playing NBA 2K and got support to turn off 2FA just from his PSN name by saying they forgot the email and password.

Link to comment
Share on other sites

7 minutes ago, deerokus said:

It's definitely not that. Social engineering and simjacking are two methods. 


No, and just to be clear I’m not saying this is the first ever case, that would be silly. I’ve just personally never come across any stories before. But I’m happy to concede I don’t exactly have my ear to the ground. 

Link to comment
Share on other sites

I suspect buying credit from a third party site leaves you more open to fraud than storing you CC details on PSN these days, it’s all a matter of perception though. I do the same btw. People are the weakest link, it’s probably worse now with many working from home and under less oversight than if in a Contact Centre even.

Link to comment
Share on other sites

10 minutes ago, Gigawatt said:

But getting my Credit Card compromised on CDKeys isn’t going to make me lose access to everything I’ve ever bought. I’m happier with the protection from the credit card company than from Sony. 


I don’t follow, placing a credit card on your account won’t affect whether your PSN account is hacked or not. 

Link to comment
Share on other sites

2 hours ago, scoobysi said:

I suspect buying credit from a third party site leaves you more open to fraud than storing you CC details on PSN these days, it’s all a matter of perception though. I do the same btw. People are the weakest link, it’s probably worse now with many working from home and under less oversight than if in a Contact Centre even.


I dunno, I would have far more trust in the shadiest PSN credit site than having anything being secured by Sony and you have far more protection if buying the credit from a site than you do a reoccurring authorisation on PSN!

 

 

Link to comment
Share on other sites

5 minutes ago, scoobysi said:


I don’t follow, placing a credit card on your account won’t affect whether your PSN account is hacked or not. 


The whole point of not having a payment method on PSN was that so when it does get hacked, whoever steals it can’t spend hundreds on V-bucks or FIFA cards or whatever. 

Link to comment
Share on other sites

Also compare and contrast

 

- fraud and lost accounts caused by buying cheap credit on cdkeys et al

- lost accounts and games and fraudulent spending by having a c/card attached to PSN

 

We had a massive thread on sony PSN fraud. Loads of people doing "charge backs" because of fraudulent purchases after hacks and then having their accounts locked out because of the chargeback even though people tried to report the fraud with no luck.

 

I'd sooner post my card details on the town noticeboard than have them on psn :D

 

Link to comment
Share on other sites

35 minutes ago, Shimmyhill said:

I dunno, I would have far more trust in the shadiest PSN credit site

 

24 minutes ago, Clipper said:

 

I'd sooner post my card details on the town noticeboard


I’m a bit concerned about your credit card use :D.

 

Anyway, I hope @gooner4life gets access back to his account soon.

Link to comment
Share on other sites

That really, really sucks and terrible customer practice by Sony. I'd be on Twitter hashtagging Sony, gaming journos and anyone that will listen. Including no win no fee lawyers - just to get their attention.

 

Doesn't always work - but some companies really do start to pay attention when things get retweeted. And I'm sure many on here would help with that.

Link to comment
Share on other sites

1 hour ago, gooner4life said:

It's now 5 days that I've had no access to my account or games for.

 

What is reasonable compensation to expect from Sony? 

Compensation :D - the best you can hope for it that they might give you back access to your games

 

and you should thank them for it!

Link to comment
Share on other sites

:o

Do you think it happened because it was linked to other accounts?  Surely it has to be cos of this that they managed to get in without 2FA.

 

Also, yeah I remember a while back when Sony said they had added using an authenticator app as another method but myself and another forumer couldn't find any official instructions on switching to this, so thanks to the person in this thread for confirming that you have to turn off 2FA then attempting to turn it on will reveal the two methods.

Link to comment
Share on other sites

22 minutes ago, gooner4life said:

Ok, finally had a chat with the Executive Escalations team, my accounts now back in my hands, the idiot using it left his address on it, so they've breached his Data protection and his security as I want to go for a drive, i got my PS+ Extended by 2 months, and £5 credit for the lost access to PS Now for a week.

 

The hack was done via their chatbot, they had got access to my old email address (ntl ISP one) and used a transaction ID from 3 years ago in the email to get 2 step turned off and the email changed back to that, they then changed the email a further 6 times and all details and none of that triggered a warning inside PlayStation HQ's monitoring, and I can't secure that old email, it doesn't exist according to Virgin Media so I'm at risk of them just doing it all over again.

So pleased you got it back, bit disappointed by the compensation tbh, given the distress it gave you (as it would anyone losing potentially thousands of pounds worth of games).

 

Also impressed they told you how it was done, surely they will put some systems in place to stop it happening again... chatbot, FFS! 

 

Enjoy your drive ;)

Link to comment
Share on other sites

28 minutes ago, gooner4life said:

Ok, finally had a chat with the Executive Escalations team, my accounts now back in my hands, the idiot using it left his address on it, so they've breached his Data protection and his security as I want to go for a drive, i got my PS+ Extended by 2 months, and £5 credit for the lost access to PS Now for a week.

 

I'd send him a shit in the post. 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Use of this website is subject to our Privacy Policy, Terms of Use, and Guidelines.