At the end of July, I was editing a video when I got an e-mail from Sony, thanking me for my wallet funding. I’d thought this was odd; I hadn’t so much as turned on my PS3 in almost a year, let alone purchased anything. I went to check my account and discovered things were worse than I realized.
$40 was stolen from me via my Paypal account, which had been tied to my PSN account for years. I later discovered another $20 stolen via my debit card which was overlooked as I rushed to remove payment information and change log-in methods. Sending an e-mail customer support, I hoped for a swift resolution from the company I’d supported since I was a teenager. It quickly became clear I would have no such luck. As of this writing, the majority of the money stolen remains in the hands of Sony Entertainment Network, and they refuse to release it to me.
I’m not alone. The scam is widespread and affecting many PSN users, as a quick Google search will now show you. Users report accounts being fraudulently accessed. Money is transferred to their Playstation Wallets and spent on DLC. I’ve read many theories; a leak of PSN user info, a phishing scam through Paypal, even simple social engineering. But the only consistency in this case is what was purchased with stolen funds: DLC Zen packs for the popular MMO, Neverwinter.
Launched in 2013 and released on the PS4 just this year, “Neverwinter” is a free-to-play Dungeons & Dragon MMO with a large user base. Players earn Zen, the fictional in-universe currency, through quests. For those with more money than time, it can be purchased from a DLC store. It comes as no surprise that there is a market for the selling of Zen between users, though this is typically frowned upon or even grounds for being banned from most MMOs. But it appears that hasn’t deterred hackers.
I was fortunate enough to be awake and able to change my account information, which I believe saved me from more severe damage. Others have not been so lucky. Reports of amounts ranging from $60 to $150 to even higher being stolen have come out. Some users report account information being changed, or even consoles being deactivated and a new one activated instead. Many users also have a knee jerk reaction to dispute the charges through their banks. With most of these attacks happening after the PSN’s Customer Support hours, it’s the only recourse they feel they have. Unfortunately, this winds up being what hurts them the most.
In my own case, I was unable to contact Sony. Their customer support, via both chat and phone, is closed on the weekends. Worried about losing more money and unable to contact Sony, I did the only thing I could think to do and disputed the charges over Paypal. When I finally spoke with a Sony rep on Monday, I mentioned I had disputed the charges. The rep didn’t so much as bat an eye as she went through filing my refund request.
When Paypal cleared the disputes two days later, my refund was denied and my account was banned.
When Sony receives a chargeback from a financial institution, their response is to ban the account. When banned, you are cut off from accessing the PSN, which includes the licenses to any digital content you purchased. One Reddit user I spoke with (who wished to remain anonymous) encountered this issue in the worst way possible. Waking up one morning, they found $50 charged to their bank and another $250 denied as suspicious by their bank. Their account credentials had also been changed. They disputed the charges and found their account banned. When the account was banned, the e-mail was still changed to that of whoever had hacked it. Sony refused to alter or divulge any information about the account. When the account was reactivated, the hacked e-mail was still attached and left wide open for the hacker to access again, despite a Sony rep insisting that wouldn’t happen. Sony also informed them after the fact that they would be unable to refund the money. This was due to paying with PSN codes, a problem I ran into trying to restore my own account access.
After arguing with a CSR and their supervisor, I was told the only way to restore my account was to payback the money returned to me by the dispute. However, I could only return the money with PSN code vouchers; cards you can buy online or in your local stores that you redeem for credit on the Playstation Network. I argued back and forth with the supervisor, who asked for suggestions. I suggested he should speak with the team investigating the fraud and get my account unbanned, but he insisted there was no system in place which would allow him to speak with that team. He refused to help me unless I returned the money, but insisted I could then re-file my refund request and get my money back. He did confirm that he could see I did not even have and to date never had a PS4 on my account, the only system capable of playing Neverwinter on Sony’s PSN.
Others have ran into this problem with varying degrees of success. One Reddit user was able to convince Sony to put him through to their financial department as he was a fraud analyst. They told others, myself included, that there was no way of escalating the issue further.
Sony is aware these fraudulent incidents happen. PSN hacks have been high profile for years. Still, they refuse to alter their Terms of Service or customer support protocols to account for such infractions. Just last year Playstation executive Shuhei Yoshida addressed this is an interview with Game Informer.
“Actually, an attack happens every day. Literally every day. Some days are bigger and some days smaller. Some days they devise new means, new ways–it’s like cat and mouse. We have a partner company we work with, and we always update the new ways the attacker might deploy; so it is a constant battle.”
Still, Sony uses it’s TOS as an iron clad shield, passing blame off to victims and refusing to budge when hacked customers lose money.
I let a week pass before I contacted Sony again. Frustrated and not wanting to lose games I had purchased on my account, I gave a rep $40 in PSN vouchers to cover the $39.98 debt Sony now showed on my account. After waiting more than 24 hours for my account access to be restored, I asked a chat rep re-file my refund request before being assured my money would be returned to me in 3-5 days. After a few days, the $20 stolen through my bank was returned to me. Paypal showed nothing. I started a chat session, but thought twice about it and exited the chat before it connected. I decided I would give Sony the benefit of the doubt this time and give it a little bit longer, thinking maybe it just hadn’t cleared Paypal yet. It would be the last time I would be able to access Sony’s chat. Realizing later that afternoon that my money was now showing in my Playstation Wallet, I attempted to reconnect the chat. This time, I got an error that an agent could not be connected. The generic error page suggested I should call or tweet the official Twitter support, @AskPlaystation. A call to phone support was immediately disconnected before I could even get an option to select. I had been a phone support rep once myself, so I thought nothing of this and reached out on Twitter for help. I watched @AskPlaystation tweet users for 12 hours before I was able to badger them into acknowledging my existence. I received a curt message which requested I follow them and send them a Direct Message. After another 12 hours of silence, @AskPlaystation told me to call the support line which had hung up on me, or use the chat I had been unable to connect to.
It was during this time that I realized no one was talking about Sony’s support chat being down anywhere on social media. Deciding this a strange occurrence, I tried one more time to access the chat only to reach the same page. Curious, I opened another window, but this time punched in different account info and found myself connected to a chat agent. It became immediately obvious that Sony had banned me from using their chat support for some reason.
It turns out having chat support restricted is not an uncommon occurrence either. Many users suffering from a variety of incidents have found their ability to access chat support restricted, but friends able to log in. Some attempted this as a work-around, but Sony would refuse to offer support, telling them to log-in with proper credentials.
Ignored by Sony’s Twitter and unable to access chat, I finally tried again the next day to connect with a phone rep. Here I was informed that the money wasn’t refunded to my Paypal because they couldn’t refund two different financial institutions at once, and I would have to refile my refund request. The rep didn’t think it odd that no one had mentioned this to me and that I hadn’t been notified. He just offered to put my refund request through again, and told me I’d have to wait another 3-5 days. I wouldn’t have to, though. Sony would deny my refund within a few hours.
Sony has an interesting policy about the clearing of these debts, one which I had not been told about. In fact I had been told that once the debt was sorted out, all my money would be refunded. But a phone conversation with another rep the next day informed me that once the cards had been applied to my account, that debt had been “cleared”. The transaction to my Paypal no longer existed in their system and there was no way to refund my money other than place it in my Playstation Wallet.
This is patently untrue, though. Brad Bourque ran into this problem in April, but had an advantage over the typical Sony user. As a tech journalist writing for Digital Trends, Bourque was able to reach out to his Sony press contact, who facilitated getting his refund. He admits that he likely wouldn’t have gotten that far if not for his position as a journalist. Judging by the current rash of users affected by this latest outbreak of Neverwinter scammers, he’s not wrong.
As of this writing, Sony still holds the $40 taken from my account and insists they cannot return it to me. I’ve reached out through every channel Sony has made available. After having chat access restricted and beating the drum on Twitter, I finally went to other social media avenues to try and seek help. An attempt on Sony’s own support forums proved useless: I encountered users who were not actually employed by Sony. They informed me that Sony reps do not visit the forum and that I should be glad I got anything returned to me at all based on Sony’s terms of service. There’s a strange disconnect among the fanbase in this regard. I’ve encountered several users who seem to think users stolen from on PSN are not entitled to refunds because of Sony’s supposedly ironclad Terms of Service. Another Twitter user who saw my repeated attempts to contact Sony suggested I try popular gaming forum NeoGaf for help. My account has yet to be activated so I’ve not been able to reach out to it’s user base, but I did find a forum thread full of victims of this scam.
I finally took it to the official Playstation Reddit, which is where this article began to take shape. Here I met Scott P., a 33 year old husband and father who awoke to notifications of PSN purchases, changed account log-in and bank alerts of possible fraudulent charges. After a conversation with a CSR, he discovered his PSN account was banned for “security measures”. Another rep informed him it would be restored within 24 business hours and gave him no other information or even a case number. When his account wasn’t released 24 hours later, he contacted support again only to receive the same story. Scott’s PSN account has finally released to him late Friday afternoon, and he now waits to see if he’ll get his money refunded. Support also never advised him to cancel the disputes filed when his bank notified him of fraudulent activity.
It is evident that Sony has been affected by some type of large scale security breach, one that is also related to the Neverwinter game. Sony has chosen to ignore complaints and refuse refunds, while the team behind Neverwinter seems to have not even commented on such an issue. Many victims are dismissing it as another hack and contacting Sony. Others are airing frustrations over mistreatment and banned accounts. Several are disheartened by users and representatives immediately stating they’re owed nothing due to the Terms of Service.
In the time between starting this article and publishing it, I had one final interaction with Sony. I posted my story on their Facebook support page, and after several days I was contacted over Facebook messenger by their support staff. After asking a few questions, such as “How did they get access to your account?” (again, attempting to pin the blame on the victim), the rep informed me he would look into this and contact me again. That was nearly two weeks ago, and a rep from the Facebook page has not responded to me. An attempt to follow-up was similarly ignored.
I have no clue how this will end for me. I’d like to get my money back, but it seems Sony has chosen to shut me off completely. All that may remain to be seen how much longer I’ll own my Sony merchandise. After spending so many hours with Playstation consoles and games, to be so summarily dismissed and ignored is a customer support policy I simply can’t stand by. So long as their policies make customers to suffer for the fraudulent activities of others, it’s safe to say I’ll be looking towards other companies for my gaming needs.