Sony’s PlayStation Network has once again been compromised after an exploit was discovered in the newly launched password reset system that was recently brought online as part of Sony’s PSN relaunch.
According to Eurogamer, cyber attackers were able to use this exploit to change user passwords and potentially compromise user accounts. In order to do so, hackers would need to know a user’s E-mail address and date of birth, which would normally be a bit of a stumbling block, but as millions of PSN users are intimately aware, these pieces of information were among those that were stolen during the historic PSN attack that took place last month.
To prevent further damage, Sony has pulled the plug on PSN sign-in portals across its various websites, including PlayStation.com and Qriocity.com, however, as Sony told Eurogamer, “In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information.”
The exploit was first discovered by a poster at Nyleveia, who promptly contacted Sony about the issue. It took Sony several hours to respond to the message, but it was reported that the sign-in services were taken offline 15 minutes after Sony responded to the original notice.
Sony is reportedly addressing the exploit, but in the meantime, Nyleveia recommends changing the E-mail address associated with your PSN account just to be safe, assuming that isn’t a huge hassle for you or anything.
Over the weekend, Sony announced that the PlayStation Network was going to be restored in a series of phases starting with a mandatory password change. The first thing to be restored was online gaming for the PlayStation 3, and things like purchasing stuff from the PS Store will be available sometime in the future.