Another day of gloom for PlayStation Network (PSN) users as reports are coming in that the password reset feature of PSN has been compromised. The exploit allows hackers to change user passwords via the PSN password reset function, using just two pieces of information – a PSN account email address and a date of birth.
Eurogamer has confirmed video evidence that verified this report from Nyleveia who discovered this exploit. Sony has responded by making PSN sign-in unavailable for a number of its websites, including PlayStation.com and the PlayStation forums.
The exploit was first revealed on Nyleveia.com.
“I would suggest that you secure your accounts now by creating a completely new email that you will not use ANYWHERE ELSE, and switching your PSN account to use this new email,” recommends the site.
“You risk having your account stolen, when this hack becomes more public, if you do not make sure that your PSN account’s email is one that cannot be affiliated with or otherwise traced to you.”
Sony tweeted that PSN on consoles aren’t affected, only the website you click through from the password change email.