Password reset page on PSN website down; Sony says URL exploit fixed
Days after restoring the PlayStation Network that had been taken down after a massive hacker attack, Sony faced niggling issues with some features on the PlayStation website and had to temporarily take it off.
According to Sony a web page allowing users to rest PlayStation Network and Qriocity accounts through a personal computer was taken down after a security hole was noticed.
Sony explained that the password reset option for the PlayStation Network and Qriocity accounts was temporarily unavailable because of a flaw that allowed people other than the users to reset the accounts.
A Sony spokesman said in a blog that the temporary unavailability of the password reset page was not caused by any fresh hacker attack.
We temporarily took down the PSN and Qriocity password reset page. Contrary to some reports, there was no hack involved. In the process of resetting of passwords there was a URL exploit that we have subsequently fixed, the blog post said.
Consumers who haven’t reset their passwords for PSN are still encouraged to do so directly on their PS3. Otherwise, they can continue to do so via the website as soon as we bring that site back up.
The security hole was of a serious nature as it allowed anyone with information like a user's email address and date of birth would be able to make unauthorized changes in the account.
Personal data of millions of Sony PlayStation Network users had been compromised during the April hacker attack on the network.
Sony confirmed that users trying to reset passwords from their PlayStation 3 consoles could still do it.
According to CNNMoney, the security hole was first discovered by gaming blog Nyleveia and successfully exploited by Eurogamer.
© Copyright IBTimes 2024. All rights reserved.