Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads

PSN Hacked AGAIN.


Linoleum Knive
 Share

Recommended Posts

http://crave.cnet.co.uk/gamesgear/playstation-network-hacked-again-this-time-via-password-reset-system-50003806/

 

Ahem, Sony, ladies and gentlemen!

 

Sony's hacked-to-pieces PlayStation Network is on the chopping block yet again -- the mandatory PSN password reset system can be used to take control of user accounts, it seems, using information that hackers have already stolen.

 

Sony forced users to change their passwords before they could use the PlayStation Network again, but changing a password only requires a PSN account email address and the user's date of birth -- both of which were pinched in the massive personal data theft back in April.

 

Sony's already taken the password reset page offline, replacing it with a site maintenance notice.

 

In a statement, Sony said, "Unfortunately this also means that those who are still trying to change their password via PlayStation.com or Qriocity.com will be unable to do so for the time being. This is due to essential maintenance and at present it is unclear how long this will take."

 

The issue doesn't affect PSN on consoles, so if you've already changed your password you'll still be able to play games online.

 

When users change their passwords they should have been sent an email with a confirmation link. But we've seen reports, such as this one on the Neogaf forum, that allege ne'er-do-well hackers have been able to exploit the password reset page so that the password is changed without the owner of the email account clicking that confirmation link. We expect more details will emerge shortly.

 

This is enormously embarrassing for Sony, which is desperate to convince users it's serious about security in the wake of the massive data theft.

Link to comment
Share on other sites

Did you read the article?

 

The system was not hacked, they simply overlooked the fact that if the hacker(s) wanted to they could simply log in to Sony's website, put your account information in, choose to "Forget Password" and then use your e-mail address(which would be possible because people are too stupid to change their passwords) and log back into your PSN account.

 

Misleading title is misleading.

Link to comment
Share on other sites

Did you read the article?

 

The system was not hacked, they simply overlooked the fact that if the hacker(s) wanted to they could simply log in to Sony's website, put your account information in, choose to "Forget Password" and then use your e-mail address(which would be possible because people are too stupid to change their passwords) and log back into your PSN account.

 

Misleading title is misleading.

 

Cant change the title now. You want to?

Link to comment
Share on other sites

I don't mean it necessarily at you, CNET titled the article that way.

 

As I was just explaining to Monkey, nowhere in that article does it say that someone was able to infiltrate Sony's database to obtain users' information. Therefore, the system wasn't hacked, Sony's password recovery system is still vulnerable to the previous attack and they're too stupid to realize it.

Link to comment
Share on other sites

I don't mean it necessarily at you, CNET titled the article that way.

 

As I was just explaining to Monkey, nowhere in that article does it say that someone was able to infiltrate Sony's database to obtain users' information. Therefore, the system wasn't hacked, Sony's password recovery system is still vulnerable to the previous attack and they're too stupid to realize it.

 

Ah. Gotcha. Well then. I look like an ass. Woo.

Link to comment
Share on other sites

Do you really think Sony did not have any of that? If they didn't then expect a class action law suit in their future.

 

The future is now, my good man. http://www.joystiq.com/2011/04/27/class-action-lawsuit-filed-against-sony-for-security-breach/

 

The complaint, which was filed by the Rothken Law Firm representing 36-year-old Alabama resident Kristopher Johns (as well as every other affected PSN user), accuses Sony of "failure to maintain adequate computer data security of consumer personal data and financial data," and of failing to take "reasonable care to protect, encrypt, and secure the private and sensitive data of its users."
Link to comment
Share on other sites

Xbox live is the fucking gayest shit i have ever seen and I don't think anything will top it until Kotick starts charging to play online in COD

 

 

Oh yeah? You're the gayest shit I have ever seen! lol jk.

Xbox live is awesome!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share