PSN logins exploited again, Sony takes pages offline

May 18, 2011

Sponsored Links

This isn't as bad as it could have been -- Sony's PSN hasn't exactly been hacked again -- but what can only be described as a glaring oversight looks to have forced the company into hastily switching off PSN logins on its websites. The issue? If you legitimately forget your password and need to reset it, previously all you had to do was type in your e-mail address and date of birth, then choose a delightfully cunning new password. Sounds good? The problem is that if you were a PSN member before the hack then both your e-mail address and your date of birth (plus a lot of other frightening stuff) is known to the hackers. So, whoever has the millions of rows of data that were exposed could, in theory, re-exploit any account. Sony was made aware of the issue and those pages are now offline again, which should make the Japanese government feel just a little big smug.

Update: Sony has confirmed that there was "a URL exploit that we have subsequently fixed." However, the company indicates there was "no hack involved." So, remember kiddies: exploits are not hacks -- not until someone starts having fun with them, anyway.

In this article: exploit, hack, hacked, online gaming, OnlineGaming, password, passwords, psn, security, sony

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.