PSN logins exploited again, Sony takes pages offline

This isn't as bad as it could have been -- Sony's PSN hasn't exactly been hacked again -- but what can only be described as a glaring oversight looks to have forced the company into hastily switching off PSN logins on its websites. The issue? If you legitimately forget your password and need to reset it, previously all you had to do was type in your e-mail address and date of birth, then choose a delightfully cunning new password. Sounds good? The problem is that if you were a PSN member before the hack then both your e-mail address and your date of birth (plus a lot of other frightening stuff) is known to the hackers. So, whoever has the millions of rows of data that were exposed could, in theory, re-exploit any account. Sony was made aware of the issue and those pages are now offline again, which should make the Japanese government feel just a little big smug.

Update: Sony has confirmed that there was "a URL exploit that we have subsequently fixed." However, the company indicates there was "no hack involved." So, remember kiddies: exploits are not hacks -- not until someone starts having fun with them, anyway.

PSN logins exploited again, Sony takes pages offline originally appeared on Engadget on Wed, 18 May 2011 10:12:00 EDT. Please see our terms for use of feeds.

Permalink MCV  |  Nyleveia  | Email this | Comments

Source: http://feeds.engadget.com/~r/weblogsinc/engadget/~3/LCu8dtAy_3A/

Dell HP Time Warrner Comcast Gretsch Guitar