tampines11

A distressing PSN issue

14 posts in this topic

Okay, so this afternoon I've noticed some emails saying "funds have been added to your wallet", which I assumed was just some sort of joke as my PS4 was switched off at the time. I then got some emails saying "thank you for your purchase" including Lego Batman 3 and Crash Bandicoot 4. I then turned my PS4 on and realised that I'd been kicked out of my account. I went through the process of resetting my password, deleting my debit card details from the account and adding extra security measures to my account to prevent the hacker from getting back in.

 

The most bizarre thing is that, when I checked my library, none of the 6 games that the hacker purchased from my account are in my library. I even searched them all up and they all show up as games that I haven't purchased. I've checked my bank account and the money has been taken from my account but my account hasn't seen any benefits from all of this spending.

 

I have requested a refund by clicking the relevant link in the email and explained that my account has been hacked. Am I likely to get a refund from Sony for this? Has anyone had a similar experience?

0

Share this post


Link to post
Share on other sites

Sounds similar to what happened to me a while ago.

 

They logged into one of my profiles (my secondary account luckily, as my main has 2FA), and I think they created some kind of family account or something? I was notified of all the purchases because it was on my card, but the games weren't on my account because they were actually purchased against like a child account that they had linked to it, or something like that(?). Try going into your family account management settings and see if there is anything weird there.

 

Sony only refunded me for games that were purchased directly - the hacker also bought store credit, which was left on my secondary account and I just had to use up.

 

Moral of the story is to always have 2FA enabled against absolutely all your online accounts where possible, and don't leave your card details saved anywhere that 2FA isn't available.

2

Share this post


Link to post
Share on other sites

You’ll most likely be able to get refunded for those purchases, especially if they haven’t appeared on your account or been downloaded yet. But I agree with @Crispy_Oglop that you should contact customer support directly and let them know your account has been compromised and that charges have been issued without your approval. At the very least this will cover your bases, as I’ve heard horror stories of people’s accounts being banned after fraudulent activity, chargebacks etc. happening on their account without their knowledge.
 

Not that you’re necessarily at risk of anything like this is it sounds like you have your account secured and back in your possession, but it would be smart to get ahead of the situation and make sure Sony is aware of the situation. It could save you a potential headache in the future.

 

You should also take steps to secure and/or change the e-mail address associated with your account. Often a hacked e-mail account is where a hacker will gain info and access to your other accounts. 

3

Share this post


Link to post
Share on other sites
29 minutes ago, jackattack99 said:

 

They logged into one of my profiles (my secondary account luckily, as my main has 2FA), and I think they created some kind of family account or something? I was notified of all the purchases because it was on my card, but the games weren't on my account because they were actually purchased against like a child account that they had linked to it, or something like that(?). Try going into your family account management settings and see if there is anything weird there.

 

Yep, this is exactly what's happened. I've logged onto the family settings and there is a random account on there that's pretending to be my child. What I've now done is I've restricted that account so that it can't play any of the games that it's bought using my money without my permission. 

 

It's a shame that I can't access the games bought using my money as, in case I don't get a refund, it would at least be some consolation to play those games.

0

Share this post


Link to post
Share on other sites
On 7/6/2021 at 9:24 AM, jackattack99 said:

Sounds similar to what happened to me a while ago.

 

They logged into one of my profiles (my secondary account luckily, as my main has 2FA), and I think they created some kind of family account or something? I was notified of all the purchases because it was on my card, but the games weren't on my account because they were actually purchased against like a child account that they had linked to it, or something like that(?). Try going into your family account management settings and see if there is anything weird there.

 

Sony only refunded me for games that were purchased directly - the hacker also bought store credit, which was left on my secondary account and I just had to use up.

 

Moral of the story is to always have 2FA enabled against absolutely all your online accounts where possible, and don't leave your card details saved anywhere that 2FA isn't available.

Wow that is some kind of shitty exploit right there. Sony should really figure out a way to fix that.

 

On 7/6/2021 at 9:55 AM, tampines11 said:

 

Yep, this is exactly what's happened. I've logged onto the family settings and there is a random account on there that's pretending to be my child. What I've now done is I've restricted that account so that it can't play any of the games that it's bought using my money without my permission. 

 

It's a shame that I can't access the games bought using my money as, in case I don't get a refund, it would at least be some consolation to play those games.

Why cant you play those games if the account is bought on a family account that is linked to you? I never had to do family set up so is interesting. Also keep us up to date on the refund!

0

Share this post


Link to post
Share on other sites

Best advice I can give is to never leave credit card info on your PSN account. Considering Sony isn't exactly stellar when it comes to keeping their systems 'in check' and secure, I would never leave sensitive info anywhere with them.

 

It is a pain to constantly add it back when you do want to purchase something, but it's the safest route outside of gift cards.

1

Share this post


Link to post
Share on other sites
16 hours ago, NERVergoproxy said:

Wow that is some kind of shitty exploit right there. Sony should really figure out a way to fix that.

 

Why cant you play those games if the account is bought on a family account that is linked to you? I never had to do family set up so is interesting. Also keep us up to date on the refund!

 

They're giving me a lot of hoops to jump through. They've requested:

 

When you contact us, we will need to verify that you are the account holder and you may need to provide:
 
• Details of the payment method in use on your account.
• Serial number of the first console used to create or log into your account.
• Serial number of the console currently used on your account.
• Details of a recent transaction (including Order Number, content purchased, price and date of the transaction) made on your account.
 
Please have all of the above information readily available when you call.

0

Share this post


Link to post
Share on other sites

Make sure you enable 2FA ASAP. That would have prevented this from happening as you would have to enter a code that is sent to your phone in order to log in. 

0

Share this post


Link to post
Share on other sites
20 hours ago, agorazUHD said:

Best advice I can give is to never leave credit card info on your PSN account. Considering Sony isn't exactly stellar when it comes to keeping their systems 'in check' and secure, I would never leave sensitive info anywhere with them.

 

It is a pain to constantly add it back when you do want to purchase something, but it's the safest route outside of gift cards.

Going the strictly gift card route is a bad idea. Sometimes when an account gets comprised, the credit card number on the account is the only way to verify you're the actual owner.

0

Share this post


Link to post
Share on other sites
1 hour ago, mcnichoj said:

Going the strictly gift card route is a bad idea. Sometimes when an account gets comprised, the credit card number on the account is the only way to verify you're the actual owner.

There is no need to leave number on account as previous purchases all have credit card numbers captured. They will just ask you to verify the card number used on those.

1

Share this post


Link to post
Share on other sites
1 hour ago, mcnichoj said:

Going the strictly gift card route is a bad idea. Sometimes when an account gets comprised, the credit card number on the account is the only way to verify you're the actual owner.

 

Guess that's something I did not think about, but if the account was compromised with CC info on it, well what do you do right? It's already too late but I do understand that things like a purchase history is also important.

 

I usually just delete e-mails from any purchases I make. Reading that the OP needs recent last order info makes me think it's best to hold on to a few purchase receipts for reference.

0

Share this post


Link to post
Share on other sites
3 hours ago, NERVergoproxy said:

There is no need to leave number on account as previous purchases all have credit card numbers captured. They will just ask you to verify the card number used on those.

Read what I said.

0

Share this post


Link to post
Share on other sites

I'm happy to state that, after 3 calls to Sony, they eventually decide to refund me and cancelled all of the fraudulent purchases!

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.