Sony PSN URL Expoit Hacker Security Issue in the Password Reset Form

If you are one of the roughly 77 million gamers who use Sony PSN, you should update all your passwords if you haven’t already recently updated them in the last week.

“Consumers who haven’t reset their passwords for PSN are still encouraged to do so directly on their PS3,” a Sony spokesman wrote in a Sony website. “Otherwise, they can continue to do so via the website as soon as we bring that site back up.”

Sony had to take part of its Sony PlayStation Network offline briefly last week as it fixed a Web security issue that gave hackers a way to take over users’ accounts.

“We temporarily took down the PSN and Qriocity password reset page,” Sony spokesman Patrick Seybold said in a Sony Playstation posting. “In the process of resetting of passwords there was a URL exploit that we have subsequently fixed.”

It looks like the issue was due to a “vulnerability in the password reset form.” Sony’s password reset page was configured so that anyone who knew their victim’s e-mail address and birth date could take over that account.

Sony was hacked in April 2011, and had been bringing its PlayStation Network (PSN), Sony Online Entertainment network and Qriocity sites back online when this next security issue occurred. To lock down the networks’ security, Sony has been asking users to reset their passwords, which you should do right away if you haven’t already.

Sony PSN URL Expoit Hacker Security Issue in the Password Reset Form

{ 0 comments… add one now }

Leave a Comment

Previous post:

Next post: