X

TheFeed

PSN Password Reset Exploit Discovered; Web-Based Sign-In Services Taken Offline

JGaskill
77 Comments

Posted May 18, 2011 - By Jake Gaskill





  • News
    (2)
  • Previews
  • Review
  • Videos
    (3)
  • Screenshots
  • Cheats and Walkthroughs

  • News
    (5)
  • Previews
  • Review

PSN Password Reset Exploit Discovered; Web-Based Sign-In Services Taken Offline

UPDATED 11:25am PST: Sony's Patrick Seybold just posted the following update on the official PlaStation Blog:

"We temporarily took down the PSN and Qriocity password reset page. Contrary to some reports, there was no hack involved. In the process of resetting of passwords there was a URL exploit that we have subsequently fixed. Consumers who haven’t reset their passwords for PSN are still encouraged to do so directly on their PS3. Otherwise, they can continue to do so via the website as soon as we bring that site back up."

Original story follows:

Sony’s PlayStation Network has once again been compromised after an exploit was discovered in the newly launched password reset system that was recently brought online as part of Sony’s PSN relaunch.

According to Eurogamer, cyber attackers were able to use this exploit to change user passwords and potentially compromise user accounts. In order to do so, hackers would need to know a user’s E-mail address and date of birth, which would normally be a bit of a stumbling block, but as millions of PSN users are intimately aware, these pieces of information were among those that were stolen during the historic PSN attack that took place last month.

To prevent further damage, Sony has pulled the plug on PSN sign-in portals across its various websites, including PlayStation.com and Qriocity.com, however, as Sony told Eurogamer, “In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information.”


The exploit was first discovered by a poster at Nyleveia, who promptly contacted Sony about the issue. It took Sony several hours to respond to the message, but it was reported that the sign-in services were taken offline 15 minutes after Sony responded to the original notice.

Sony is reportedly addressing the exploit, but in the meantime, Nyleveia recommends changing the E-mail address associated with your PSN account just to be safe, assuming that isn't a huge hassle for you or anything.

Over the weekend, Sony announced that the PlayStation Network was going to be restored in a series of phases starting with a mandatory password change. The first thing to be restored was online gaming for the PlayStation 3, and things like purchasing stuff from the PS Store will be available sometime in the future.

Once the PSN went back up, Sony revealed its "make good" offer to consumers: free games, movies, PlayStation Plus access, and free stuff for the PlayStation Home. The games include Dead Nation, inFAMOUS, LittleBigPlanet, Super Stardust HD and Wipeout HD + Fury.

PSN Password Reset Exploit Discovered; Web-Based Sign-In Services Taken Offline
http://www.g4tv.com/thefeed/blog/post/712739/psn-password-reset-exploit-discovered-web-based-sign-in-services-taken-offline/
http://cache.g4tv.com/ImageDb3/270139_S/PSN-Password-Reset-Exploit-Discovered-Web-Based-Sign-In-Services-Taken-Offline.jpg
BlogThread_712739

ADVERTISEMENT

Blog Tags

g4tv.com
  • A Final Goodbye From Attack Of the Show

    Posted: January 24, 2013

    83,928 Views | 04:35

  • Top 5 Snowboarding Games

    Posted: February 28, 2012

    28,158 Views | 02:58

  • International Sexy Ladies Show: Nudie News

    Posted: July 7, 2009

    47,458 Views | 01:36

  • Adult Film Star Stoya Reviews Rumble Massage

    Posted: February 27, 2009

    341,344 Views | 03:57 | 1 Comment

  • Nicole Daboub Meets the Vacuum Bed

    Posted: September 17, 2010

    69,637 Views | 02:23

AdChoices