The PSN has only been back up for a couple of days, so it will come as irritating news to users who are keen to get their passwords changed that the password reset page reportedly has a serious exploit.
Sony says the maintenance doesn’t affect PSN on consoles, but on the website click-through detailed in the password change email.
Eurogamer says it has seen video evidence that Sony’s PSN reset system has an exploit which lets others change your password using just the account email and date of birth.
The news was broken by Nyleveia.com. NeoGaf users as well as Eurogamer agree that something’s wrong.
Nyleveia suggests users ditch their old accounts and set up a new one with a brand new email, which isn’t used anywhere else at all. It says when the hack becomes more public, people should be wary of their PSN account’s email if it can be easily linked to a user.
Sony has told customers and partners that it is now pretty secure and that the privacy of customers is of upmost importance.
It seems to be an existing exploit in its password reset page, which has since been taken down.
Howard Stringer, Sony’s CEO, has gone on record saying that Sony has behaved particularly well throughout the whole fiasco.