UPDATE: Sony has acknowledged the PlayStation network exploit. In a blog post, the company wrote,
PREVIOUSLY: Sony's nightmare may not be over yet. New reports show that PlayStation Network user accounts can be exploited by hackers through the password reset page.
We temporarily took down the PSN and Qriocity password reset page. Contrary to some reports, there was no hack involved. In the process of resetting of passwords there was a URL exploit that we have subsequently fixed.Consumers who haven’t reset their passwords for PSN are still encouraged to do so directly on their PS3. Otherwise, they can continue to do so via the website as soon as we bring that site back up.
PREVIOUSLY: Sony's nightmare may not be over yet. New reports show that PlayStation Network user accounts can be exploited by hackers through the password reset page.
According to Nylevia.com, which first spotted the vulnerability, hackers can use the PSN reset page to get into users' accounts using only a PSN email and date of birth. Both of these pieces of information were stolen during the original breach. As a result, sign-in is now unavailable across a wide number of Sony's sites, as the company deals with the issue.
Sony confirmed the security flaw in a statement:
Unfortunately this also means that those who are still trying to change their password via Playstation.com or Qriocity.com will be unable to do so for the time being.This is due to essential maintenance and at present it is unclear how long this will take. In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information.
Sony later tweeted an update: "Clarification: this maintenance doesn't affect PSN on consoles, only the website you click through to from the password change email."
Sony first reported the security breach, which exposed the user account information of 100 million users, including credit card data, on April 26. Sony began restoring the network earlier this week, though users were still complaining about outages shortly afterwards.
Nyleveia has more tips for how people can protect their information here.
No comments:
Post a Comment