More reports of people having their passwords hacked on PSN.
Had to change my PW last night.Hacked PSN Accounts Used to Make Fraudulent Charges
Multiple claims of unverified credit card purchases.
by Matt Clark DECEMBER 6, 2013
Yesterday, IGN reported Sony was sending out emails to PlayStation users, requiring password changes after noticing "irregular activity" on PSN accounts. Following our story, we received messages from multiple sources claiming their accounts were used to make unverified purchases. According to one person, his account was used to add $150 to his PlayStation Store wallet, while another found mysterious purchases related to FIFA 14.
"Just last night, at about 1:10 AM, I received an email saying $50 was added to my wallet," Marcus Elyiace told IGN via email. "No more than 15 seconds later, I receive another email saying the same thing. I immediately login to my account [...] but by the time I did that, another $50 dollars was taken from my card."
Elyiace contacted Sony customer service and forwarded IGN the details of the conversation. The Sony rep said all the charges would be refunded within five to seven days and stressed "making sure that your password is not something that you use on other places around the internet."
Another PSN user, Bobby Atkins, says funds were also added to his Store wallet. But before Atkins noted the charges to his credit card, someone had purchased FIFA 14 content with his account. The inclusion of FIFA in the mix brings back memories of 2011, when multiple Xbox 360 users' accounts suddenly found charges of FIFA 12 content they had never purchased.
Downloading content via another person's account to the hacker's PlayStation device may seem like a fruitless effort, but there is some reasoning--if you can call it that--to the madness. Theoretically, the person in control of the account could designate their PlayStation device as the "primary" console, then proceed to download the content. When the victim resets their password, the access would obviously be revoked. But assuming the game in question doesn't require DRM verification, or if the unverified PlayStation is kept offline, they could possibly still use the content or game.
Other messages to IGN included a fraudulent charge for $650 to a clothing retailer on the same card linked to the person's PSN account, and other users who found games on their account they had never opted to purchase. All of the alleged victims received the "irregular activity" email from Sony. Sony has sent this same password reset email out at least twice in as many weeks.
IGN has contacted Sony on the matter, but as of this writing, the company has not returned the request for comment.