It Never Ends: PlayStation Network Password Page Was Compromised
A couple of days ago, we reported that Japanese authorities weren’t allowing Sony to turn on the PlayStation Network in Japan because they felt Sony’s promised security countermeasures were not yet completed. Well, it turns out said authorities may have been correct, as Nyleveia first reported and Eurogamer has seen video evidence that Sony’s PlayStation Network password page was compromised.
The hack allowed anyone to change any account password, so long as said account’s email and date of birth was known, regardless of if said account had its password changed when the PSN returned. If a culprit did not know an account’s email address or date of birth, said account remained safe, though the problem here is that the PSN went down precisely because that information — along with a load of other sensitive information — was obtained through the initial hack.
Eurogamer reports they have seen video evidence that verifies the password hack worked, but luckily, Sony took down the password page shortly after Nyleveia began reporting the hack. As of now, users will still be able to sign into the PSN via their PlayStation 3 or PSP, but Nyleveia suggests “that everyone, regardless of if they have been affected or not, create a new password and change their account email to one they do not use anywhere else, and will not be sharing with anyone else just for additional security.”