PSN Password Reset Page Compromised, Taken Down

by Justin B. May 18, 2011 @ 8:29 am

A new exploit surfaced earlier today that allowed anyone to reset any PSN account’s password, without going through the proper channels. The new exploit was revealed by our friend Nevada from Nyleveia, who first revealed the exploit. After confirming it’s legitimacy Nevada notified Sony about the threat and their account reset page was subsequently taken down.

The hack involved knowing the date of birth and e-mail of a target account, both of which were compromised in the PSN attack last month. It is unclear how many users were affected by this exploit but those that did use this exploit had their IP addresses logged in which Sony could potentially use to locate and find the culprits (assuming they didn’t use a proxy). It is unclear when the service will resume.

Follow this author on .

Abe Froeman says:

What a shit show this has become.

ultimakillz says:

good call japan. maybe the rest of the world should have held off the psn as well.... :argh:

Tavares says:

Sony is really making gamers lose the small amount of trust they had in the company.

Bran says:

At this point I just don't care. Give me back the PlayStation Store damn it.

KezraPlanes says:

This hackers are way out of line.

But I share Bran's feelings.

Robby says:

This is becoming entertainment now. Sony doesn't know what security means and hackers are making a major company look like a fool.

Ecko says:

*facepalm*

I see that Sony still has dumbasses running the show.

Where's the popcorn?

NeilR says:

In all honesty how are they supposed to validate someone properly when all the information they know of you is potentially compromised? The best thing they can do is send an email out and hope that it reaches the correct person without having been intercepted. When you think about it how troublesome is this really?

EDIT - Wait.. was this a page you could go to (without having been submitted through a standard email redirect) and enter that info? If so then that is pretty bad.

El Diablo says:

From what I understand it was...

Go to Sony/Playstation website or whatever > go to sign in > get prompt to enter email and birthday > enter new password.

Not sure as I didn't get to try and change my password before it got taken down and didn't read the whole thing but that's what I think.

hush404 says:

Ugh, I've had it with hackers. Get THE FUCKING TORCHES!

ultimakillz says:

source

hack vs. exploit. totally not the same thing. now i feel much better xD

/sarcasm

Dan says:

Still, I assume with the devs Sony have, it doesn't take a genius to find an exploit that big. They really need to get their shit together.

Hellcat says:

lolyes.

$ony is getting it bigtime for their total incompetence.

Sadly they will not learn and start doing things properly.

Well, NGP hacked on day 1, anyone?

Dan says:

I really doubt the NGP is going to sell as well as it initially was thought to. Shame, it would have had potential.

Biggy204 says:

Wow its a good thing i have yet to update and change my. Password. I'll wait it out til the end of the month or so now.

eldiablov says:

This is becoming painful.

TeamOverload says:

Um..it was a web based exploit that's been fixed. Changing your password or not changing your password would have made no difference (except for the fact that by NOT changing your password, you're leaving yourself vulnerable for longer.) Just saying.

ShadowmanX5 says:

Wow...just wow

Seriously what is happening at Sony?? I remember years ago when you heard the name that your mind linking it with quality. But now I think they have just relied on their name far too much and lost alot of that quality in the process :\

What happened to all this "extra security measures"??? The way they have been talking about it all you would of thought it'd be impenetrable. Well eventually the penny will drop and Sony will have to step up their game...otherwise they will eventually fade out from lack of loyalty and customers...

Nader says:

And so the story goes, li da di, li da di...

Josey Wales says:

dont you mean ob la di, ob la da?

Abe Froeman says:

I was thinking the same thing.

you say: