PSN log-in pages down thanks to password exploit

PSN log-in pages down thanks to password exploit
Sony just cannot catch a break.

Within three days of the company restoring the PSN after over 3 weeks of downtime, Sony has had to take down its PSN web logins, thanks to a password exploit.



Users trying to sign in via Playstation.com, the PlayStation forums, PlayStation Blog, Qriocity.com or the Music Unlimited are greeted with the following message:

The server is currently down for maintenance. We apologize for the inconvenience. Please try again later.


Additionally (via PCM):

Unfortunately this also means that those who are still trying to change their password ... via Playstation.com or Qriocity.com will be unable to do so for the time being. This is due to essential maintenance and at present it is unclear how long this will take. In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information.


Apparently, the PSN password system has a flaw that allows hackers to change your password as long as they have your date of birth and email associated with the account. 101 million users had their personal data compromised with the original breach, including, you guessed it, DOB and email.

Written by: Andre Yoskowitz @ 18 May 2011 12:23
Tags
exploit hacking PS3 PSN Log-in
Advertisement - News comments available below the ad
  • 21 comments
  • SGSeries2

    Wow. This is just... wow.

    18.5.2011 13:04 #1

  • Oner

    It's just a phishing scam ~ Info Here

    Edit: PSBlog update

    18.5.2011 13:30 #2

  • hikaricor

    This just keeps getting better. :p

    18.5.2011 14:06 #3

  • ThePastor

    This actually made me laugh...

    Unfortunately for them, all Blu-ray protections have been broken and BD rips can be found around the Internet, usually before the retail even hits shelves.

    18.5.2011 17:13 #4

  • 3MUK

    UM lol

    "You can lead a fool to wisdom but you cant make him think"

    18.5.2011 17:52 #5

  • Mysttic

    Oh but Sony really improved security since the breech... Believe I can insert "told you so" from my other argument.

    18.5.2011 18:22 #6

  • A5J4DX

    wtf lol

    18.5.2011 18:34 #7

  • Oner

    Originally posted by Mysttic: Oh but Sony really improved security since the breech... Believe I can insert "told you so" from my other argument. And just like your other argument you are leaving out information that clarifies things. Have you actually read what it was that I posted? It's nothing more than a phishing scam. Not a "hack". There is a BIG difference.

    18.5.2011 19:49 #8

  • KillerBug

    It isn't just a phishing scam.

    Their method of changing passwords from what the hackers have worked by using the information the hackers have. This means that accounts (as well as PSN store purchases and balances) can be stolen using the information that the hackers already had...and the passwords were only changed because Sony knows that the hackers have the passwords (plus the other items needed to use the page). Typical Sony security.


    19.5.2011 00:03 #9

  • slackdast

    Quote:Apparently, the PSN password system has a flaw that allows hackers to change your password as long as they have your date of birth and email associated with the account. Don't they say that's a feature? I mean, how many passwords can be "recovered" with info like that? Quite a few different systems i can think of.

    19.5.2011 09:54 #10

  • Oner

    Originally posted by KillerBug: It isn't just a phishing scam.

    Their method of changing passwords from what the hackers have worked by using the information the hackers have. This means that accounts (as well as PSN store purchases and balances) can be stolen using the information that the hackers already had...and the passwords were only changed because Sony knows that the hackers have the passwords (plus the other items needed to use the page). Typical Sony security.
    It is a phishing scam. You said it yourself "changing passwords from what the hackers have worked by using the information the hackers have" there is NO HACK involved. And that's even IF this is the work of the hackers who hacked the PSN. It could STILL be just a regular phishing scam done by whoever.

    Originally posted by slackdast: Quote:Apparently, the PSN password system has a flaw that allows hackers to change your password as long as they have your date of birth and email associated with the account. Don't they say that's a feature? I mean, how many passwords can be "recovered" with info like that? Quite a few different systems i can think of. Exactly.

    19.5.2011 12:35 #11

  • YoJembo01

    Ha...hahahahaha

    Its a lot easier being righteous than right.

    19.5.2011 14:21 #12

  • hglez86

    Even though it is not a hack as it has been "clarified", it is still a mistake on sony's part... and they use expressions like "simple phising scam" to make it sound like nothing; "simple" makes people see the problem like almost nothing, which in turn might translate to nothing at all... it is just a "simple" mind trick... anyway, a problem is a problem, no matter how "big" or "small" they might make it look like, which is from my point of view the real point of the article...

    ps. bottom line, psn taken down again X_x

    X_x

    20.5.2011 00:56 #13

  • motormous

    so when do the prices of the ps3 drop to encourage people to keep buying playstation?

    20.5.2011 02:10 #14

  • Oner

    Originally posted by hglez86: ...bottom line, psn taken down again X_x Don't know where you are getting your info from but the PSN is not down because of this.

    20.5.2011 17:01 #15

  • hglez86

    Originally posted by Oner: Originally posted by hglez86: ...bottom line, psn taken down again X_x Don't know where you are getting your info from but the PSN is not down because of this. i didn't say "psn is down again because of that" i said "bottom line" as in no matter what, it is down again.

    X_x

    21.5.2011 09:13 #16

  • Oner

    Originally posted by hglez86: Originally posted by Oner: Originally posted by hglez86: ...bottom line, psn taken down again X_x Don't know where you are getting your info from but the PSN is not down because of this. i didn't say "psn is down again because of that" i said "bottom line" as in no matter what, it is down again. Semantics...the PSN wasn't down at all. Just the login for the PC internet web forums, PS.com etc. Access to the PSN on your PS3 was absolutely not affected by this. Hence to say "it is down again" when the actual PSN was not down is incorrect.

    21.5.2011 12:34 #17

  • hglez86

    I apologize to all phony worshipers... I don't have english as a first language, I made an unforgivable mistake with semantics... oh wait, do i see punctuation mistakes?... never mind, even as it is, i did make a mistake... nevertheless, Phony did have something not working what ever it was, and it must have caused some type of problem for some users somewhere in the world who did not have just the right equipment to use which ever service it was they were trying to access when they were faced by the screw up... vague enough? X_x

    X_x

    22.5.2011 05:51 #18

  • Oner

    Originally posted by hglez86: I apologize to all phony worshipers... I don't have english as a first language, I made an unforgivable mistake with semantics... oh wait, do i see punctuation mistakes?... never mind, even as it is, i did make a mistake... nevertheless, Phony did have something not working what ever it was, and it must have caused some type of problem for some users somewhere in the world who did not have just the right equipment to use which ever service it was they were trying to access when they were faced by the screw up... vague enough? X_x Way to be childish about something that was just being explained/clarified so you wouldn't be misinformed. It's kinda like someone coming into the forum and saying "1+1=3" then it's explained it's actually "2" only for them to get mad because someone tried to correct/help them understand. But whatever ~ if you want to go on and not have the correct information, so as to look like you don't know what you are talking about, then go right ahead...it is your choice to want to be clueless after all. Cheers.

    22.5.2011 17:03 #19

  • hglez86

    it's not like someone said "1+1=3" it's more like someone said "1 + 1 equalz 3" and then they get slapped for not knowing exactly the right words to use:

    Quote:Semantics... either way, i never claimed to know it all or have first hand information, i even went as far as saying:

    Quote:which is from my point of view the i did that because i knew something like this was coming, and i read on some other thread that a certain someone said to say when you are saying an opinion...

    either way, I AM CLUELESS! there, i said it, and that's exactly why i'm coming here to read the news everyday several times a day to read the news, but i guess i won't ever be good enough material for this.

    also before it comes which i know if this goes on it will which is the usual, i am not trying to make any fight or anything, but i do think i have a right to try and defend my self if i think i'm being picked at... anyway, i guess us ignorants are never gonna learn right?

    so any ways, hope you the best Mr. Oner, and if you said before that you weren't running away anyone ever, well let's make it an official first, and i say official because i don't doubt it ever happened before.

    My best regards to After Dawn and those who did make it a great experience for me over the years.

    X_x

    22.5.2011 21:10 #20

  • Oner

    Originally posted by hglez86: it's not like someone said "1+1=3" it's more like someone said "1 + 1 equalz 3" and then they get slapped for not knowing exactly the right words to use:

    Quote:Semantics... either way, i never claimed to know it all or have first hand information, i even went as far as saying:

    Quote:which is from my point of view the i did that because i knew something like this was coming, and i read on some other thread that a certain someone said to say when you are saying an opinion...

    either way, I AM CLUELESS! there, i said it, and that's exactly why i'm coming here to read the news everyday several times a day to read the news, but i guess i won't ever be good enough material for this.

    also before it comes which i know if this goes on it will which is the usual, i am not trying to make any fight or anything, but i do think i have a right to try and defend my self if i think i'm being picked at... anyway, i guess us ignorants are never gonna learn right?

    so any ways, hope you the best Mr. Oner, and if you said before that you weren't running away anyone ever, well let's make it an official first, and i say official because i don't doubt it ever happened before.

    My best regards to After Dawn and those who did make it a great experience for me over the years.
    No one is "picking on you" I simply corrected information that you said that was not accurate (of which you admit yourself). You then took it to heart to deeply (for whatever reason) and now all of this dramatics from post #18 on for no real reason...

    If I said something incorrect I would want someone to help me out to have the correct information, I would be appreciative, learn and then move forward being more properly knowledgeable of the situation. Simple as that.

    23.5.2011 12:49 #21

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud