TechCrunch Disrupt Europe 2014: Photos, commentary and the Startup Battlefield LIVE

Feedback

Sony's PSN reboot suffers fatal flaw - down again

SecurityNews
, 18 May 2011News

Parts of Sony's Playstation Network are offline once again, after the geniuses at the Japanese outfit realised they made a schoolboy error when attempting to ressurect its online cow of cash.

Aware that hackers had snuck into its servers and pilfered information such as user's passwords, email addresses and dates of birth, Sony had the bright idea of asking users to log on again and change their password - using that self same data.

It seems users can change their password on the PSN password reset page using only a PSN account email and date of birth, both pieces of information having been acquired by the hackers in the original breach.

The simple ruse was discovered by nyleveia.com.

The web site notified Sony of the simple exploit and the outfit moved to take precautions by taking the password reset page offline.

What it will do next is anyone's guess.

Topics
blog comments powered by Disqus