Sony's nightmare may not be over yet. New reports show that PlayStation
Network user accounts can be exploited by hackers through the password
reset page. Hackers can use the PSN reset page to get into users'
accounts using only a PSN email and date of birth. Both of these pieces
of information were stolen during the original breach. As a result,
sign-in is now unavailable across a wide number of Sony's sites, as the
company deals with the issue.
Sony Confirmed the Security Flaw"Unfortunately this also means that those who are still trying to change their password via Playstation.com or Qriocity.com will be unable to do so for the time being. This is due to essential maintenance and at present it is unclear how long this will take. In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information."
Sony later tweeted an update: "Clarification: this maintenance doesn't affect PSN on consoles, only the website you click through to from the password change email."
Sony first reported the security breach, which exposed the user account information of 100 million users, including credit card data, on April 26. Sony began restoring the network earlier this week, though users were still complaining about outages shortly afterwards.
Read the full article