Hacked Again? New PlayStation Network Password Exploit Surfaces

Reports are circulating this morning that the PlayStation Network’s been hacked, you know, again. The hack involves the PSN web-based password reset page, where it’s said anyone can change someone else’s password using their PSN account email and date of birth—both details possibly (though not confirmedly) obtained by hackers in the mid-April breach.

How do we know the hack’s legit? We don’t. But Sony's taken the PSN login and password reset page down for “maintenance,” while Eurogamer’s claiming it’s seen actual video footage of the hack in action.

Technically speaking, this sounds less like a “hack” than an exploit, meaning it’s fairly surface-level and—according to news-breaker Nyleveia—involves “a vulnerability in the password reset form currently implemented, not properly verifying tokens.”

Though Sony claims the “small amount of maintenance” in taking the PSN login page down has to do with improving the password reset process, Nyleveia says the page went offline “approximately 15 minutes after [it] received a response from SCEE [Sony Computer Entertainment Europe] on the matter.”

Gaming forum NeoGAF’s also weighing in, with at least one user accusing Sony of “lying” about the outage.

One thing’s certain: the PSN web login page is indeed down (see shot up top—that’s what you’ll get if you hit the main site and attempt to log in). Let’s hope Sony clarifies what’s going on as soon as possible, and explains whether there was or wasn’t an exploit involved.

Interact with Game On: Twitter - Facebook - Get in touch

Shop ▾
arrow up Amazon Shop buttons are programmatically attached to all reviews, regardless of products' final review scores. Our parent company, IDG, receives advertisement revenue for shopping activity generated by the links. Because the buttons are attached programmatically, they should not be interpreted as editorial endorsements.

Subscribe to the Game On Newsletter