Sony's PSN password page exploit

By Wesley Yin-Poole Published 18 May, 2011

When will it end?

Eurogamer has seen video evidence that verifies reports that Sony's PlayStation Network password reset system suffers from an exploit that allows attackers to change your password using only your PSN account email and your date of birth – information compromised in the PSN hack of 20th April.

Sony today made PSN sign-in unavailable for a number of its websites, including PlayStation.com and the PlayStation forums. All PlayStation game titles are also unavailable.

Crucially, the website users are directed to by password reset emails is now down.

"Unfortunately this also means that those who are still trying to change their password via Playstation.com or Qriocity.com will be unable to do so for the time being," Sony said. "This is due to essential maintenance and at present it is unclear how long this will take.

"In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information."

Sony later tweeted: "Clarification: this maintenance doesn't affect PSN on consoles, only the website you click through to from the password change email."

The exploit was first revealed on Nyleveia.com.

"I would suggest that you secure your accounts now by creating a completely new email that you will not use ANYWHERE ELSE, and switching your PSN account to use this new email," recommends the site.

"You risk having your account stolen, when this hack becomes more public, if you do not make sure that your PSN account's email is one that cannot be affiliated with or otherwise traced to you."

NeoGAF users have also corroborated the claim.

Nyleveia claims to have contacted Sony about the exploit. "The system went down approximately 15 minutes after I received a response from SCEE on the matter."

Sony has taken the page in question down, and with any luck is fixing the exploit.

Eurogamer has contacted Sony for comment.

Picture of Wesley.

About Wesley Yin-Poole

Wesley is Eurogamer's news editor. He likes news, interviews, and more news. He also likes Street Fighter more than anyone can get him to shut up about it.

Read more articles from Wesley by visiting the Wesley Yin-Poole archive page.

You may also like...

Comments (144) Latest comment 1 year ago

Comments for this article are now closed, but please feel free to continue chatting on the forum!

  • brappbrap #1 1 year ago

    Oh Jesus Christ, this really could not get any more ridiculous

  • jablonski #2 1 year ago

    Hackers piss off

  • Jay-ITFC #3 1 year ago

    AGAIN!?!?!?

  • PearOfAnguish #4 1 year ago

    This is hilarious. Someone at Sony is going to get a spanking.

  • des #5 1 year ago

    omg

    lol

  • SClaw #6 1 year ago

    FACEPALM

  • X201 #7 1 year ago

    "password reset page has been hacked"
    or
    "has a security hole"?

    There's a big difference

  • kentmonkey #8 1 year ago

    I'm confused. Do they still take protecting my data seriously and is it still their number one priority?

  • oceanmotion #9 1 year ago

    They really are a bunch of amateurs. You always had that feeling with Sony's online offering from the beginning. Years have past and then it finally catches up with them.

  • X201 #10 1 year ago

    It hasn't been hacked.

    Its a security hole/exploit call it what you will in the system.


    Edit: Wesley's been good enough to edit his story, so its only fair I take the EG bashing out of mine
    Edited by X201 at 18/05/11 @ 14:54

  • chasejamie #11 1 year ago

    F'sake.

  • arcam #12 1 year ago

    I hope that bit of paper they got Geohot to sign was worth all this trouble...

    That whole case seems so long ago now.

  • Augmentation #13 1 year ago

    Wow, those hackers are pretty perseverant. I can't help but think they could have a better use for their time...

    EDIT: Great, bashing Sony has become popular again. A hacked website can happen to anybody, get off Sony's back.
    Edited by Augmentation at 18/05/11 @ 14:21

  • jonharrispro #14 1 year ago

    AHHHAHAAAAA!! after all the crap about "regaining consumer confidence" this then happens.

    Somebody's getting a P45

  • GamesConnoisseur #15 1 year ago

    Sony areshole?or is it always the hackers that is the sources of all the frustrations, tit ups and so forth!

    In a world hacker free, there ll be none of this plus Windows not getting daily updates and so on.

  • dpb135 #16 1 year ago

    OFFS Sony

  • PinktotheLast #17 1 year ago

    Fortunately, the day after the original hack became clear I set up a number of dummy email accounts to separate important stuff from unimportant stuff. When the PSN came back online I put the PSN account to the unimportant email address, and also created a unique password.

    I also deleted my billing info from PSN.

    Sorry Sony I just can't trust that you won't get hacked again. Looks like I was right to be cautious.

  • Deadly_Spike #18 1 year ago

    This is getting to be ridiculous now. FFS - Hackers you had your fun. You've not only successfully managed to seriously damage Sony's rep but also wound up millions of gamers around the world and now you just keep adding insult to injury.

    I know people are annoyed at Sony but they need a bit of empathy from us gamers. They've spent 20 odd days getting our services up and running, given us a more than generous welcome back offer and now are still being victimised by these cyber tossers.

    Okay so not a hack (revokes above rant) but still, can people please stop ranting on about Sony. The selfish part of me wants to see all this crap happen to Xbox owners so they can get off their high horses. But the reality is that I wouldn't wish this scenario on any gamers of any platform.
    Edited by Deadly_Spike at 18/05/11 @ 14:47

  • Snake_2011 #19 1 year ago

    EG your full of crap this is no hack it is a exploit.

  • Sodding_Gamer #20 1 year ago

    FFS! So hold on a second. We all need to make a new email? Then link our PSN to that email?! I didn't even know you could do that :S and if you could I would of thought that sort of thing would only be available on the website... Which is down. So Hackers could be getting into my account right this minute?!!?!

    This is beyond ridiculous now :(

  • Snufkin #21 1 year ago

    /Bangs head against wall again and again and again...

  • jefranklin18 #22 1 year ago

    @Deadly_Spike:

    And Poole is loving every second of it.

  • Slikz #23 1 year ago

    Ah, I see the SDF are out once again doing the rounds.

  • MattEdWithCheese #24 1 year ago

    Waiting for the "Sony defends" article for this

  • wyp100 #25 1 year ago

    You're right - this isn't a hack, it's an exploit. Story amended.

  • Toothball #26 1 year ago

    So what, are we going to have to change our passwords again? They may as well put the whole of PSN into a lead box and seal it in a concrete bunker at the bottom of the ocean. Maybe it would be safer then?

  • youhavenomail #27 1 year ago

    Oh well, that's two more free games, please, Sony.

  • TomDent93 #28 1 year ago

    Thank god for microsoft

  • Teamallstar #29 1 year ago

    This may be the funniest thing I have ever heard.

    I'm not re-signing up to Sony ever again.

    Totally incompetent.

  • randompanda #30 1 year ago

    Haha they've changed the headline from hacked to exploit.

    This is the second time today isn't it?

  • Mkwone #31 1 year ago

    Does this still affect people who have already changed their passwords after the recent update?

  • X201 #32 1 year ago

    Thanks Wesley,

    Good man

  • niallymul #33 1 year ago

    Does anyone else have a suspicios feeling that M$ might be behind all this hacking, as a major publicity plot??????????

  • Bennicus #34 1 year ago

    So what's the difference between hacks and exploits? Hackers work by taking advantage of weaknesses in the system, so aren't all hacks exploits? If there aren't any security holes then it's not possible to hack something (but it's virtually impossible to build a system with no weakness).

  • geeza2020 #35 1 year ago

    the fun never stops :/

  • TopKatt #36 1 year ago

    Calm down Xbots, it's a potential problem that's been spotted and is being dealt with.

  • X201 #37 1 year ago

    @Bennicus

    A hack is breaking into a system - which most times, involves using exploits to gain access
    An exploit is getting a system to do things that it shouldn't do (but at no time actually breaking into it).
    Edited by X201 at 18/05/11 @ 14:32

  • Bennicus #38 1 year ago

    But you generally use exploits as part of a hack, that's what confuzzled me. Ta :)

    cwk, see x201's reply above mine, he explains it better. Hacking is the process of breaking into a system, usually through the use of exploits.
    Edited by Bennicus at 18/05/11 @ 14:49

  • cwk27 #39 1 year ago

    @Bennicus: So why even bother having the term "Hack" then if it's all a series of exploits?

    Also, I must admit that I'm somewhat of a PS3 fanboy due to my innate sense of mistrust towards Microsoft (that and Uncharted and God of War) but even I'm getting tired of this.

    These continued hacks are like kicking your opponent when they're down on the ground and sobbing for mercy.

  • Zizou97 #40 1 year ago

    What the hell! If it wasn't for the fact that my Xbox is only 20gb and sounds as it gonna take off into outer space everytime I start it up, I would have got rid of my PS3 long ago and this is about to push me over the edge, seriously. If I update my Xbox and is fortunate to be among the chosen ones that will have a new machine for free by Microsoft, I'll see it as a clear sign to abandon Sony.

  • Ryze #41 1 year ago

    Another issue - if you're counting them, is that I was able to simply change my password to the same word(s) with one letter capitalised.

    Such a secure system, eh?

  • SBfistfun #42 1 year ago

    Zomg
    PWND
    lulz
    etc

  • chiefian #43 1 year ago

    Sony: Y U NO SECURE ME

  • Bennicus #44 1 year ago

    I hope they can't steal my trophies

  • potter73 #45 1 year ago

    Felt like I had over reacted when I linked a new addy to my PSN account and deleted my original email account (when the original breach occured). Don't feel so stoopid now.

    Still the breach was found and they are in the process of fixing it.....no evidence that any hackers have actually used the exploit yet.

    Not a good few weeks for Sony, hopefully they can bounce back from this

  • SavageEvil #46 1 year ago

    Weird stuff going on, considering that if you changed you email password when the news was given about the stolen emails, then you wouldn't have anything to worry about as you can't sign into the damn email account since you changed the password and would have to enter in the new one when you fire up your PS3. Still don't know how you can change my password when the password has to be sent to my bloody email to verify the change, as you can't change emails until you log in using the original email you had.
    Edited by SavageEvil at 18/05/11 @ 14:44

  • Ryze #47 1 year ago

    @Deadly_Spike

    Hackers have NOTHING to do with this. An exploit has been found - ONCE AGAIN DUE TO SONY'S INCOMPETENCE WITH NETWORKED SOFTWARE AND SERVICES.

    But I've only been saying for several YEARS that Sony can't 'do' networked software and services.

    :o/

  • Mattattattatt #48 1 year ago

    This shouldn't be too difficult to fix and should be isolated to a couple of scripts.

    I messed up my new password and had to reset it again because I'd forgotten a special character or something. I noticed all you need is date of birth and email to request the password change. Sony, I think you need to force us to add some new security info now all that stuff's been lifted...

  • Biker_Bob_1971 #49 1 year ago

    Post deleted at 15:13:15 09-05-2012

  • AcidSnake #50 1 year ago

    "I would suggest that you secure your accounts now by creating a completely new email that you will not use ANYWHERE ELSE, and switching your PSN account to use this new email," recommends the site.

    Couldn't Sony splurge for a nice website that gives PSN users a free e-mail address and send copies to that address by default?...
    username@myps3.com or something?
    Not linked to anything else, plus they can put their ads up all over the place...

  • Widge #51 1 year ago

    Usage of SDF or XBOT should be followed by deletion from life.

  • BartonFink #52 1 year ago

    LOL - they really are utterly useless aren't they.

  • Darren #53 1 year ago

    I successfully installed the new firmware and updated my password about two or three days ago so does that mean it's fine or is it still at risk of being changed by someone else? I haven't been on my PS3 for several days since and had no plans to until L.A. Noire arrives on Friday.

  • darkmorgado #54 1 year ago

    I'm sorry but I couldn't help but glol at this. IT NEVER ENDS!

  • dingo75 #55 1 year ago

    Oh SONY! I hope the fun you had with GeoHot was worth it.
    Seems some guys have their fun with you now.

  • X201 #56 1 year ago

    @Darren
    You're at no risk now that they've taken the page down.

    As long as you haven't received an unsolicited password change confirmation email - then you'll be OK.

  • RodHull #57 1 year ago

    Does this mean I can have a free copy of LBP2 as well? I trod on mine and it is in quite a few pieces.

  • loveless #58 1 year ago

    This isn't a hack - just sheer bloody stupidity.

    Asking for email and date of birth is not security for changing passwords. A lot of this information can be obtained relatively easily for a lot of people anyway - regardless of what hackers may have been taken earlier.

    When you haven't got a secured means (ie. a registered PS3 console), then they should be asking for the original password and/or generating a validation token that is sent to the email address, that people then have to verify the request.

    Complete utter fail, Sony. What's the compensation package for this cock-up?

    And Stringer - this complete incompetence, following your outburst the other day - when are you packing your bags?

  • edhe #59 1 year ago

    Keep proving the point that internet security is NOT EASY. You can't fix one system only to let another part of that system be flawed and susceptible to other hacks.

    Get on the ball.

  • TheEarlOfZinger #60 1 year ago

    Seems like this will be patched quickly. I'll take the risk this time.

    But games I already have do not make up for this ENDLESS STREAM OF HASSLE TO ME AS A CUSTOMER, FUCKING SORT IT PLEASE!!!
    Edited by TheEarlOfZinger at 18/05/11 @ 15:02

  • butler` #61 1 year ago

    just thinking back to their CEO's letter to "the people"

    IT'S TOTALLY COOL THOUGH GUYS. WE'VE GOT THE GREATEST MINDS IN DATA SECURITY WORKING ON THIS.

    yes, yes you have.

  • Odessa #62 1 year ago

    Maybe i should also change the email for my xbox live account. I knew all the time nothing is 100% secure but now with all the attention to Console account data for sure people try to find a way in to MS too ...

  • Jolly_Armadillo #63 1 year ago

    Someone needs to get a cage for the hundreds of trolls that have keep lurking inside any thread with PS is in the title.

    Once caged they can be fed an hourly dose of sensationalist "Sony is failing headlines" to prevent their heads from exploding.


    Oh, apparently they already have, they called the so called cage eurogamer

  • GreyBeard #64 1 year ago

    PSA:

    Short version afaik is that an exploit was found where a hacker could redirect/intercept the confirmation email sent after a password reset was requested.

    Fortunately it seems that both requests (the initial request for a change, and the actual confirmation of the password change) do go to the original owner so its not like this could be done without the victim being sent two emails confirming the action.

    If anything has happened to you, you'll know about it, and so will Sony.

  • Snufkin #65 1 year ago

    @Jolly_Armadillo - that is the most inarticulate 'zing' I have ever read.

  • Nevfx #66 1 year ago

    To avoid this, just reset your password on your PS3 console itself, it doesnt require you to verify it by email or anything, all it does is sends an email confirming its been changed.

  • paulf #67 1 year ago

    pwned

  • Machiavellian #68 1 year ago

    Awaiting coolbritannia's witty and informative comments to this lastest saga!

    That's not the way to invoke coolbritannia's. You have to call his name 3 times

    coolbritannia
    coolbritannia
    coolbritannia

    Does anyone else have a suspicious feeling that M$ might be behind all this hacking, as a major publicity plot??????????

    No, MS and their products are under attack every single day. They have more experience in this area unlike Sony. Since the day Sony declared war, they will find themselves in the same position as MS. They are a focus for people who love to hack, exploit or grief a company. From now on Sony will have to make sure they secure everything. Any exploit will be taken advantage of. It will make Sony stronger if they can take it but it will also be a constant assault they will have to endure.

  • Jolly_Armadillo #69 1 year ago

    "@ Jolly_Armadillo - that is the most inarticulate 'zing' I have ever read"

    Thanks :), still the trolls are annoying..

  • Roarster #70 1 year ago

    @GreyBeard - don't think they had to intercept the email, it just involved a bit of URL manipulation that took you to a new page that let you update a password with only an email address and a date of birth bypassing the email confirmation process. It's probably an old page that was left on the web server by mistake.

    Pretty shoddy work to be honest though at least it should be clear that this has happened to you (since it still seems to send out two emails).

  • Zozzilla #71 1 year ago

    ... *sigh*

    Oh well, just a case of logging in on my PS3 and swapping it over hopefully. Providing I can still log in.

  • rojjer #72 1 year ago

    fuck this. Its trade-in time and I'll buy a dedicated Blu-ray player.

  • TopKatt #73 1 year ago

    @Odessa

    No don't worry. Microsoft are totally on the ball when it comes to online security and would never, ever, release any product that has any type of potential security issue that hackers could exploit.

    Edited by TopKatt at 18/05/11 @ 15:19

  • HyperTails #74 1 year ago

    If its an exploit then the security guys will close the hole. Though I am suprised about hearing this.

  • Architect_z #75 1 year ago

    Someone send in Solid Snake to infiltrate the hackers facility, so he can take them down using what the boss taught him about CQC!!!

  • Psychotext #76 1 year ago

    I wonder what other holes they left in the rush to get the services back up.

  • GreyBeard #77 1 year ago

    @Roarster

    I stand corrected, although regardless of the methodology the email conformations thankfully do get sent!

    That said, if the person exploiting the system like this already have your PSNID, email address and DoB why do they need to hack you again? Just seems like a griefing attack tbh.

  • coolbritannia #78 1 year ago

    "That's not the way to invoke coolbritannia's. You have to call his name 3 times

    coolbritannia
    coolbritannia
    coolbritannia "

    Heeeeere's Britney!

    Honestly though, it's no big deal, Sony cannot fail any further in my eyes. Completely and utterly useless in every way. Their online will be forever compromised.

  • GoingPostal13 #79 1 year ago

    I'm a bit confused.

    You've just had your customers details syphoned from your servers. You've just spent three weeks improving the security and applying the server patches you should have done months ago.

    Then you *don't* make a list of the different portals where your details can be changed and check whether the processes in place can be exploited with those lost details?

    That really doesn't inspire me with confidence.

  • orangpelupa #80 1 year ago

    "Sony has taken the page in question down, and with any luck is fixing the exploit. "

    wait,,, isnt its should be "fixing the vulnerability" ?

    "Eurogamer has seen video evidence that verifies reports that Sony's PlayStation Network password reset system suffers from an exploit that allows attackers to change your password using only your PSN account email and your date of birth "

    become

    "Eurogamer has seen video evidence that verifies reports that Sony's PlayStation Network password reset system suffers from an vulnerability that when exploited allows attackers to change your password using only your PSN account email and your date of birth "
    Edited by orangpelupa at 18/05/11 @ 15:32

  • joelstinton #81 1 year ago

    "I bet Charliechan pleasures himself to sleep every night because of things like this. He'll be there in his little xbot pyjamas, tucked into his bed shaped like a 360, clutching his master chief statue"

    Swings and roundabout mate! don't need people like you sticking the boot in every 2 minutes.

  • vaser3 #82 1 year ago

    “We had no reason to believe that our security was not good and still no reason to believe it."
    Howard Stringer, Sony Corp. Chief Executive, a couple of days ago.
    Edited by vaser3 at 18/05/11 @ 15:51

  • Roarster #83 1 year ago

    @GreyBeard - It may be possible to steal someone's account doing this, I've no idea what you can change without confirmation once you've changed someone's password. It's probably not worth it though, it would be a lot of work for one account and if you ever logged in using it Sony would have your IP address.

    Anyway, all of this reminds that I still need to turn my PS3 on and change the password on my account.

  • chasejamie #84 1 year ago

    If I change my email, wouldn't some nerdy scrotum find away to just hack into the new info anyway? Endless loop.

  • TopKatt #85 1 year ago

    Ahhh bless, I think I've upset charliechan. Don't worry mate, I love the Xbox as well, no need to get yourself all worked up.

  • coolbritannia #86 1 year ago

    TopKatt, we feel your pain dude.

  • Beano #87 1 year ago

    So they forgot to remove the old reset system which can be used to change the password without e-mail verification?

    That's stupid beyond belief!

  • coolbritannia #88 1 year ago

    "if your house was burgled, you wouldn't call the police until you knew something was taken"

    if you did, you certainly wouldn't change the locks and leave the doors open, like they have here.

  • TopKatt #89 1 year ago

    @charliechan

    If I'm not bothering you, why don't you just ignore me? Or is that not possible with your OCD?

  • BOFH_UK #90 1 year ago

    Okay, I know this is a folorn hope but could gamers maybe leave the usual fanboyism aside for now and start putting real concentrated presure on Sony to get its act sorted out? This is getting utterly ridiculous and it's totally unacceptable for a gatekeeper of digital information the size of Sony to be so lax on security. It's now very clear that they need to do a complete overhaul not just of their current systems but the way they approach securing their networks and data. Until they do I'd honestly recommend that everyone consider any data stored on Sony's services as compromised.
    Edited by BOFH_UK at 18/05/11 @ 20:35

  • maximusfarticus #91 1 year ago

    Fuck off chan, you stupid boring cunt.

    @topkatt, don't feed the trolls ffs.

  • coolbritannia #92 1 year ago

    TopKatt your irony is killing me. How about instead of urging him to put you on ignore, you just ignore him instead?

    Where's Ken when you need him? Maybe they need to use the selling spiel they used when the PS3 price tag was announced?

    "You should all work harder to earn more money and pay for a proper online service. Xbox Live."

  • TopKatt #93 1 year ago

    @coolb

    Ah, but I'm not the one having to resort to insults am I? Surely to get down to that level, I must be bothering him? He's not bothering me which is why I haven't insulted the little gobshite.

  • Biker_Bob_1971 #94 1 year ago

    Post deleted at 16:59:10 06-02-2012

  • coolbritannia #95 1 year ago

    to the Playstation Blog!

  • BartonFink #96 1 year ago

    You could if you could even bloody log into it to leave a comment - lol

  • BartonFink #97 1 year ago

    You forgot feature removal

  • GoingPostal13 #98 1 year ago

    Apart from Linux - but we probably *really* shouldn't go there.

  • kangarootoo #99 1 year ago

    @maximusfarticus

    "Fuck off chan, you stupid boring cunt.
    @topkatt, don't feed the trolls ffs. "

    ?????

  • BartonFink #100 1 year ago

    And Backward Compatibility Postal ;)

  • Wobble #101 1 year ago

    karma's a bitch.

  • tiny_Eggy #102 1 year ago

    charliechan
    18/05/11 @ 16:19

    console gamers *sigh* small children the lot of them.

  • TopKatt #103 1 year ago

    Christ, the sheer effort that charliechan and the like put into their silly fanboy posts is astounding.

  • abcd #104 1 year ago

    You think that's bad, I've just found a week old jaffa cake in my pocket.

  • axman303 #105 1 year ago

    Trophy unlocked: Massive security disaster.

  • irve77 #106 1 year ago

    do we get 2 more games now ?

  • solidSnake04 #107 1 year ago

    hehe poor Kazuo. this time his head is gonna touch the floor, so low he will have to bow !

  • vagabond #108 1 year ago

    Right enough of the bullshit.

    What's the solution here.

    I've created a new email. Where can I change my PS account email to it? I'm not at home, but is there an option on the PS3 where you can switch your associated email account?

  • Juminha #109 1 year ago

    RIP Sony, never start a war with hackers.

  • coolbritannia #110 1 year ago

    @CharlieChan, how many HDMI ports did the launch PS3 actually end up having? 2 as promised? How many controllers via bluetooth? 7?

    If you open it out to Sony and not just the PS3 you can add Lik-Sang, the Malware scandal, telling people to work harder to earn more money and "deserve" the PS3, the PS2 disc read error scandal, saying they wouldn't copy achievements just before they announced trophies, saying rumble was a last gen feature before they settled the court case with Immersion, trying to bully Kotaku....

    And then there's always this!
    Edited by coolbritannia at 18/05/11 @ 17:30

  • TopKatt #111 1 year ago

    Actually it is a bit hypocritical of me to have a go at people who have such a pathological hatred of a company that it can make their day when something goes wrong for them or seriously piss them off when something goes right. I myself fucking hate Tefal and spend many an hour on the boards of tefal.com ranting against them and their evil cookware.

    Anyway, my Eurogamer experience just got a bit more enjoyable:

    ACHIEVEMENT UNLOCKED
    You ignored the fanboys!
    Edited by TopKatt at 18/05/11 @ 17:53

  • Mono_X #112 1 year ago

    'if you did, you certainly wouldn't change the locks and leave the doors open, like they have here. '

    It's more like after finding out that the burglar used the key you keep under a flowerpot to open your front door, you change all the locks on all the doors. Then you put the key under a different flowerpot.

    Although TBH, this isn't much of an issue. After all, in order to use this exploit, they need your PSN email address and your DoB. The only people who will have this will be the original hackers or someone who will be specifically targeting you. If this were the case, losing your PSN account would be the least of your worries.

    Still looks very poor on Sony's Part.

  • siallen #113 1 year ago

    this could finish sony off , MS will sell more consoles this generation and next over sony now

  • steaming_big_un #114 1 year ago

    Remember those posts not so long ago about GeoHot getting ass raped by Sony and how those evil Anonymous sods would get the same treatment from the world dominating Japanese behemoth.

    My, how the SDF all cackled, like Shakesperian witches.

    That turned out well, didn't it!

  • vagabond #115 1 year ago

    Is anyone actually going to post steps on how we can protect ourselves or is this comments page just going to be filled with 10year old fanboy shit?

    Christ, I know I can be immature at times but some of the people in here really need to grow the fuck up.

  • GozuTennai #116 1 year ago

    I want to burn they're eyes!!!

  • potter73 #117 1 year ago

    @Vagabond

    On the PS3, under Account Management you can change your Sign In Address. (you'll get prompted for your current password first) then simply put in the new email address

    Account Management>Account Information>Sign-In ID (Email Address)
    Edited by potter73 at 18/05/11 @ 18:13

  • coolbritannia #118 1 year ago

    ACHIEVEMENT UNLOCKED
    You ignored the fanboys!

    Blocked yourself have you, Tefal boy?

  • Teamallstar #119 1 year ago

    Thinking of cutting out the Sony middle man by posting my email address, credit card details and passwords on the internet...

  • Machiavellian #120 1 year ago

    Remember those posts not so long ago about GeoHot getting ass raped by Sony and how those evil Anonymous sods would get the same treatment from the world dominating Japanese behemoth.

    My, how the SDF all cackled, like Shakesperian witches.

    That turned out well, didn't it!

    Not only did people here at Eurogamer believe that Sony won a major victory over the hackers but there were analyst out there saying the same thing. I wonder if the Hackers were sitting there smiling as they had the smoking gun. The victory still might go to Sony but it will be a hard earned victory. Even if Sony get the win today, I believe they will constantly find themselves under assault.
    Edited by Machiavellian at 18/05/11 @ 22:18

  • funkateer #121 1 year ago

    Somebody has a tissue for charliechan and his xbox?

  • coolbritannia #122 1 year ago

    Not trolling you dude, but how do you see Sony eventually winning this one? The damage has surely already been done?

  • coolbritannia #123 1 year ago

    Kotaku has posted the exploit:

    The prodecure is as follows:
    1) Navigate to : https://store.playstation.com/accounts/r... (this is normally, via email, https://store.playstation.com/accounts/r... with the y's being a unique token) - do not enter the code at this point.
    2) Open a new tab in firefox, and go to fr.playstation.com (other pages will work too most likely), and click Login (Connexion)
    3) Click Recover password
    4) Enter the email and date of birth of the target account
    5) Click continue, then on the confirmation page, click "Reset using E-mail"
    6) Switch back to the original tab, and enter the code, then click continue
    7) You will now be asked to enter a new password for the target account

    Absolutely amazing that Sony didn't check something so simple. I mean this really is Forrest Gump territory now.

  • Biker_Bob_1971 #124 1 year ago

    Post deleted at 15:13:15 09-05-2012

  • coolbritannia #125 1 year ago

    charliechan's been watching Enemy of the State.

    He blew up a building once because his friend made a phonecall.

  • funkateer #126 1 year ago

    This issue really smells like a case of an embarrassment caused by too much pressure and lack of competence by whoever created that web page.

    However, it seems Nyleveia.com did the right thing and report it to Sony before reporting it online. It's good to see that there are also 'white hat' hackers on the case. Sony apparently need all the help they can get, however sad that is.

    It's embarrassing for sure but so far there's been no evidence of people actually taking advantage of the exploit, and realistically the chance was very small to begin with.
    As long as you didn't have an unsolicited password reset, you're fine.
    Edited by funkateer at 18/05/11 @ 18:36

  • coolbritannia #127 1 year ago

    Shhh Bob, or they'll come for you too!

  • Biker_Bob_1971 #128 1 year ago

    Post deleted at 15:13:15 09-05-2012

  • funkateer #129 1 year ago

    "Not trolling you dude, but how do you see Sony eventually winning this one? The damage has surely already been done?"

    Absolutely. This is a big huge blow no matter how you spin it. It's like sony having their gentleman's sausage chewed off. Their best hope is that it can be sewed on again and that it will still do the job. But it's ugly to begin with.
    Edited by funkateer at 18/05/11 @ 18:44

  • Beek4257 #130 1 year ago

    Who are you people? Seriously.

  • evnewell #131 1 year ago

    used to hate the hackers, but now I'm starting to cheer for them. Sony needs to clean up it's act and the hackers are a natural feedback mechanism to remind us when Sony falls short.

    I know I'm alone in this, but now I feel like 'go get 'em hackers.'

  • azic #132 1 year ago

    I can't help but laugh. Last time I buy anything that requires Sony online stuff.
    Just useless.

  • captain_desperado #133 1 year ago

    sony have updated the blog - seems they miss the point, in my mind the fact that the very simple exploit was there and not forseen is more of the issue than wether or not its been used in anger, especially when they have been promising 'world leading' security

  • funkateer #134 1 year ago

    "used to hate the hackers, but now I'm starting to cheer for them. Sony needs to clean up it's act and the hackers are a natural feedback mechanism to remind us when Sony falls short.

    I know I'm alone in this, but now I feel like 'go get 'em hackers.' "

    Be careful though, "hacker" is a really broad term. They might be good ones this time, but many hackers are just after your wallet.
    I'm not cheering for hackers unconditionally.

  • TopKatt #135 1 year ago

    @CoolB

    Nope, I haven't blocked myself mate, haven't blocked you either. Out of interest, how am I a fanboy? Is it because I don't think this is a major issue? For the record, neither Sony nor MS mean much to me, they're just companies. I own both a PS3 and a 360 and I wouldn't do without either of them, although they both have good and bad points. Coolbritannia you may be a fanboy but at least you've got a sense of humour and you're not abusive like charliechan and his ilk.

    Kinect is shite though.

  • coolbritannia #136 1 year ago

    Sony sure could do with employing someone like Geohot to help them out at the moment. Oh.

  • coolbritannia #137 1 year ago

    Kinect is shite though.

    How dare you! It has untapped potential! UNTAPPED!

  • davisorle #138 1 year ago

    Post deleted at 15:13:15 09-05-2012

  • coolbritannia #139 1 year ago

    The fact that so many of my comments in here are green and not in the minus 30's leads me to believe that what we have here in this article, is a giant straw that must have broken the backs of many a fanboy camels back.

    It's quite sad really.

  • Claudiov1.0 #140 1 year ago

    (Insert Sony bashing comment!!!, which is the most popular thing in gaming now)

  • Machiavellian #141 1 year ago

    (Insert Sony bashing comment!!!, which is the most popular thing in gaming now)

    Deja vu all over again. Interesting enough Sony was the cause each time instead of just plain old fanboism.

  • ruddiger7 #142 1 year ago

    Well ive just bought a new 360, ps3 has gone on sale.

  • Cronan #143 1 year ago

    The BBC just ran this story, Wesley got a mention:

    http://www.bbc.co.uk/news/technology-13454201

  • lionsky1 #144 1 year ago

    1 <A href="">http://www.christianlouboutinkey.com/"><STRONG>louboutin
    shoes</STRONG></A> louboutin shoes <A
    href="">http://www.jordansvip.com/"><STRONG>jordan shoes</STRONG></A> jordan shoes
    [link url=">http://www.sunglasskey.com/]<STRONG>oakley sunglasses</STRONG>[/link]
    oakley sunglasses 2 <A
    href="">http://www.christianlouboutinkey.com/"><STRONG>louboutin
    shoes</STRONG></A> louboutin shoes <A
    href="">http://www.jordansvip.com/"><STRONG>air jordan shoes</STRONG></A> air
    jordan shoes <A href="">http://www.sunglasskey.com/"><STRONG>oakley
    sunglasses</STRONG></A> oakley sunglasses 3 <A
    href="">http://www.christianlouboutinkey.com/"><STRONG>louboutin
    shoes</STRONG></A> louboutin shoes <A
    href="">http://www.jordansvip.com/"><STRONG>jordan shoes for cheap</STRONG></A>
    jordan shoes for cheap <A href="">http://www.sunglasskey.com/"><STRONG>oakley
    sunglasses</STRONG></A> oakley sunglasses