Determining the possible validity of a breach (or was PSN really hacked again?)

If you’ve been following social media as of late, you might have seen remarks about a new set of data that is floating about stating that PlayStation Network (PSN) along with 2K Games and Windows Live were all breached and that a dump of passwords has been made available.

derp_hack

But is this really the case?

The password dump was added to Canary yesterday and immediately we saw some interesting results. Here are the links containing the dump as it is (for analysis purposes most large dumps are split up):

While this requires free registration, viewing the ‘related’ tab on these entries (specifically parts 3, 4, and 5) shows a number of similarities between this dump and dumps belonging to booter forums (“booter” being a term used to refer to DDoS attacking) as evident in these screenshots:

derp3 derp1 derp2

The sources in question can also be viewed via these links (there are more than just these but it gives you an idea):

This sort of thing has happened before where dumps from various databases were either re-branded as something else or were co-opted by another group in an attempt to boost reputation. A perfect example of this is an old breach on a site run by the FBI, which has been stated to have been done by several different groups since it was first dumped–every few weeks to a few months we see the dump rehashed.

So should you be concerned about this dump? Well it comes down to what level of risk you want to take, but it should always be kept in mind that breach data may not be what it seems. If you think you’re at risk, do what is appropriate.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s