S. Joell-Ireland On May - 19 - 2011

A website set up by Sony to allow users to reset their passwords following last month’s hack attack is itself subject to a security alert.

A Sony user discovered an exploit on the site that could have been used by hackers to impersonate users.

Password resets have been necessary following the exposure of 77 million Sony PlayStation users’ personal details.

Sony admitted the sites were insecure but said no hack had occurred.

In its blog it said: “We temporarily took down the PSN password reset page. Contrary to some reports, there was no hack involved. In the process of resetting of passwords there was a URL exploit that we have subsequently fixed,” Sony said in a statement.

It will be further embarrassment for the gaming giant and more inconvenience for its users.

“Anyone who has already reset their password is still able to gain access to the PSN but for those who haven’t they wont be able to reset it until the servers go live again, which will be shortly,” said a Sony spokesman.

Wesley Yin-Poole, news editor of gaming website Eurogamer explained what had happened.

“There was an exploit that allowed anyone to reset your password using just your e-mail address and date of birth, effectively locking them out of their own PlayStation account,” he said.

E-mail addresses and dates of birth are some of the personal details thought to have been stolen by hackers last month.

“This is just another embarrassment hot on the heels of the hack attack. It is nowhere near as serious but will be another headache for Sony,” he added.

Sony Boss - Howard Stringer

The majority of PlayStation users are able to reset their password through their consoles rather than by going online.

On 20 April the Japanese electronics giant was forced to shut down its PlayStation network, after what has been described as the biggest hack attack in history.

Yesterday, Sony boss Howard Stringer said the firm did act quickly enough to tell users about the problems.

Sony has offered users a year’s free identity protection and free games in order to persuade them back to the network.

Credits to BBC Tech
Edited and Posted by Stephen Joell-Ireland

Categories: Recent News
blog comments powered by Disqus

Featured Posts

Star Raiders Review

Just like their recent release of Yar’s Revenge, which was reviewed by our very own Andrew Wylie, Atari seem intent on traveling even further back in time to plunder their back-catalogue for ideas. The original Star Raiders title was released for the Atari 800 in 1979 and has been long forgotten by just about everyone [...]

Bumblepig Review (Xbox Indie Games)

James takes a look at one of the newer xbox indie games this week - Bumblepig. Is it bloomin good fun or is it just full of pollen? Sad cliche’s aside let’s take a look at the video review!

Fantastic Four Table Review - For Pinball FX2

James takes a look at the newly released Fantastic Four table for Pinball FX2. This table is later to be released on Marvel Pinball when Sony finally get their act together and open back up the PSN store. Is this table worth your 240 microsoft points though? Find out in this video review

Search my site

Twitter Updates