For those of you Steam forum users who were worried when Valve’s servers got hacked late Monday the 7th and your account information was exposed, well, things just got a little worse. Valve is now admitting that billing information and even credit card information was exposed in the security breach.

Of course Valve tries to downplay it a bit, because they did encrypt your credit card info after all. Isn’t that nice basic security practice.

I’d have been more impressed if Valve had admitted that your credit card information was safe because it had been stored on a separate server with even more security in place. Wouldn’t that have been … the expected thing to do these days?

Oh well.

Such is the internet.

It’s really been a bad year for the security of gamers. You’d think people would start learning and securing so that they could start impressing us. They are taking gobs of our money for their services after all. What on earth are they doing with it then?

Oh, right. Pocketing it and laughing all the way to the bank.

But with some of the biggest names in gaming being hacked, I have to wonder how long it will be before gamers stop giving their credit card numbers out, period.

I mean if you can’t even trust the biggest names in the game, then who can you trust?  It was bad enough when Sony’s PlayStation Network failed us, but now Valve’s Steam?  Come on!

For those of you who even care at this point, Sony has been hacked, yet again. The parts that are of no surprise whatsoever is that it was a simple SQL injection vulnerability that breached their security, that it was done by LulzSec, and that it wasn’t the PSN: it was the Sony Pictures website.

What is a surprise however is that in the over 1 million user accounts exposed by the hack, not a single password was hashed. They were ALL stored as plain text. Which, really, is incredibly bad security and especially for Sony, by this point, a horrible disgrace. So if you’re a Sony Pictures website user, well, sorry.

Sony has failed you.

In multiple ways.

Again.

While Sony may not have made their deadlines for bringing it back, yes, that’s right folks, the PlayStation Network is back up in full! The store is back. Now gamers can get back to business! (Assuming Sony has any customers left willing to trust them.)

As part of getting back into the action, Sony’s attempts to regain your trust by throwing out freebies includes the new “Welcome Back” package (available until July 3rd) of two free downloadable games from a rather lame list. PlayStation Portable owners also get another two free downloadable PSN games … from a likewise lackluster list. (How’s that for alliteration?) There’s a month free of the premium version of PSN as well. There are some (this weekend only?) free movie downloads. And there’s even 100 virtual items in PlayStation Home?

Assuming, that is, that any of it works.

Because you’ll notice, this is all only available as downloadable and/or networked content. As Sony’s networks are likely going to be hit by the rampaging truckload of users trying to download their free stuff (some possibly even still updating their PS3s to access these things) your downloading and network connectivity experience may be in for some trouble. Especially on that limited-time offer of those free movies. So don’t expect miracles.

Which, I guess, if you are (or were) a Sony customer, miracles are likely already far beyond your expectations after not only such horrendous hacks, but also in the Sony’s slow recovery from them.

Poor Sony just can’t get a break. Or, maybe the opposite, a rest from being broken into. Whichever, hackers from all over continue to jump onto the Make Sony Look Bad Bandwagon by penetrating various Sony networks and websites.

From the Sony-Ericsson mobile Canadian store through an SQL injection attack to steal details of approximately 2000 accounts… To the release of a cleansed dump of Sony Music’s Japanese website database after exploiting a similar SQL-injection vulnerability, with personal information intentionally avoided to render the data mostly harmless because it was done just for fun… To yet again a similar SQL-injection vuln used to nail Sony BMG Greece and some 8385 accounts with proof of data including email addresses and password hashes… To a relatively harmless defacing of Sony Music Indonesia’s website… To a hack of Sony’s subsidiary, So-Net Entertainment where 128 accounts had approximately $1,200 worth of virtual points stolen and some 90-odd accounts had their privacy violated through the reading of their emails… To Sony’s HD World site in Thailand being used to host a phishing scam aimed at an Italian credit card company… To the updated PlayStation Network vulnerability allowing evil-doers to change anyone’s password merely by knowing the user account name and their date of birth, both pieces of information stolen in the original PSN hack… Oh, right, to the original PlayStation Network hack exposing the details of some 77 million PSN gamers and an additional 25 million Sony Online Entertainment customers.

And breathe!

So that makes, what, 9 successful attacks on Sony now?

Sony executives have already admitted that the PSN hack alone will cost them at least $171 million. Mind you, the rest are certainly small potatoes by comparison, but I sure wouldn’t want to be a Sony executive right now. Nor a Sony shareholder. Nor a Sony customer! Ouch.

Meanwhile, we still wait for the full assortment of PSN services to be brought back up.

And we still don’t have any real answers as to how this happened, went on undetected for as long as it did, etc.

But honestly, one of the things that actually disturbs me aside from that, is the frequency in which the phrase, “SQL injection attack” is used in these reports. Do Sony’s various website administrators not communicate with each other? One would have thought that as soon as one security hole was discovered, all of Sony’s websites would respond by patching that vulnerability. And yet…

So nine hacks now. Is this party over? Or has it only just begun?

Admittedly, with as many people as there are trying to make a fool of Sony right now, it’s really no surprise that the hackers are winning this war. But I’m far from convinced that Sony isn’t perhaps making it a little easier for the hackers than perhaps it should. For a name as big as Sony you would have perhaps expected better.

And the thing is, Sony really brought this upon themselves.  I mean it started because they took away one of the big selling points of the PS3, it’s ability to run Linux, to be used as a micro-PC.  And they did it all so … insultingly.  But then, then, when a hackers try to break Sony’s locks so that this feature can be re-opened, what does Sony do but wig out and arm their army of lawyers against the hackers that were simply trying to restore the feature Sony wrongfully took away.  So while I must re-state my still firm stance that I do not in any way condone illegal activities, I also have to point out that Sony really was asking for this mess by pissing off quasi-legal security experts / hackers.  Just one of those moments where if you can’t stand up, don’t step up.  Sony made of themselves a rather large and obvious target for a lot of angry people with dangerous skills.  Clearly, Sony wasn’t up to their own challenge.

Reports are filtering in (and simultaneously being squashed by Sony) that the latest PlayStation 3 firmware update, version 3.61, is causing older model PS3s to overheat and shut down. Typically these older PlayStations are the bigger “fat” old-school models, usually with a 60GB or 80GB hard drive. (Umm … like mine. Hmm…) So far the overheating seems to only occur with the new firmware, and can take as little as a half hour to happen when playing games like Rockstar’s L.A. Noire, something that’s probably on many PS3 owners’ agendas!

If you have an older model PS3 it is perhaps suggestible to not upgrade to firmware 3.61 just yet until this is sorted out.  In theory. Unless, of course, you actually want to use your PS3 online, in which case Sony gives you no choice since this firmware update is a mandatory part of their solution to their network being hacked…

Oops!

Sony, Sony, Sony… Seriously? Can you do nothing right anymore?  Your PSN login and password reset pages can be used to hack the accounts that had their data stolen, so you can’t change your password there anymore.  And the other solution, your firmware update, breaks PS3s!  What’s a PS3 owner to do?!

Let’s hope a newer firmware version becomes available soon that doesn’t cause your Playstation3 to overheat so that you can both go online and play games reliably.

Meanwhile, Microsoft is doing only marginally better, as they’ve admitted that an Xbox 360 firmware update may make some games unplayable as they’ve switched to a new Xbox disc format to prevent piracy that some machines just can’t support.  Doh!  Though they, at least, have promised to replace your Xbox should that happen. Although sitting around without an Xbox360 for weeks would be about as much fun as … hmm … sitting around waiting for the PlayStation Network to come back up? Yeah. Something like that.

No reports yet on if Nintendo has royally screwed-up lately. Is no news good news? It might be if the Wii were capable of HD by now… Oooooh.

Yes, that’s right, it’s burns all around for each and every video game console maker today, because frankly, it’s all rant-worthy. I long for the old days when the worst that happened was that you’d need to blow on your cartridge to get it to play.