AfterDawn: Tech news

PSN log-in pages down thanks to password exploit

Written by Andre Yoskowitz (Google+) @ 18 May 2011 12:23 User comments (21)

PSN log-in pages down thanks to password exploit Sony just cannot catch a break.
Within three days of the company restoring the PSN after over 3 weeks of downtime, Sony has had to take down its PSN web logins, thanks to a password exploit.

Users trying to sign in via Playstation.com, the PlayStation forums, PlayStation Blog, Qriocity.com or the Music Unlimited are greeted with the following message:

The server is currently down for maintenance. We apologize for the inconvenience. Please try again later.


Additionally (via PCM):

Unfortunately this also means that those who are still trying to change their password ... via Playstation.com or Qriocity.com will be unable to do so for the time being. This is due to essential maintenance and at present it is unclear how long this will take. In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information.


Apparently, the PSN password system has a flaw that allows hackers to change your password as long as they have your date of birth and email associated with the account. 101 million users had their personal data compromised with the original breach, including, you guessed it, DOB and email.

Previous Next  

21 user comments

118.5.2011 13:04

Wow. This is just... wow.

218.5.2011 13:30

It's just a phishing scam ~ Info Here

Edit: PSBlog update

This message has been edited since its posting. Latest edit was made on 18 May 2011 @ 14:37

318.5.2011 14:06

This just keeps getting better. :p

418.5.2011 17:13

This actually made me laugh...


Oh, Im sorry... Did the middle of my sentence interrupt the beginning of yours?

518.5.2011 17:52

UM lol

618.5.2011 18:22

Oh but Sony really improved security since the breech... Believe I can insert "told you so" from my other argument.

718.5.2011 18:34

wtf lol

818.5.2011 19:49

Originally posted by Mysttic:
Oh but Sony really improved security since the breech... Believe I can insert "told you so" from my other argument.
And just like your other argument you are leaving out information that clarifies things. Have you actually read what it was that I posted? It's nothing more than a phishing scam. Not a "hack". There is a BIG difference.
This message has been edited since its posting. Latest edit was made on 18 May 2011 @ 19:52

919.5.2011 0:03

It isn't just a phishing scam.

Their method of changing passwords from what the hackers have worked by using the information the hackers have. This means that accounts (as well as PSN store purchases and balances) can be stolen using the information that the hackers already had...and the passwords were only changed because Sony knows that the hackers have the passwords (plus the other items needed to use the page). Typical Sony security.



1019.5.2011 9:54
slackdast
Inactive

Quote:
Apparently, the PSN password system has a flaw that allows hackers to change your password as long as they have your date of birth and email associated with the account.
Don't they say that's a feature? I mean, how many passwords can be "recovered" with info like that? Quite a few different systems i can think of.

1119.5.2011 12:35

Originally posted by KillerBug:
It isn't just a phishing scam.

Their method of changing passwords from what the hackers have worked by using the information the hackers have. This means that accounts (as well as PSN store purchases and balances) can be stolen using the information that the hackers already had...and the passwords were only changed because Sony knows that the hackers have the passwords (plus the other items needed to use the page). Typical Sony security.
It is a phishing scam. You said it yourself "changing passwords from what the hackers have worked by using the information the hackers have" there is NO HACK involved. And that's even IF this is the work of the hackers who hacked the PSN. It could STILL be just a regular phishing scam done by whoever.

Originally posted by slackdast:
Quote:
Apparently, the PSN password system has a flaw that allows hackers to change your password as long as they have your date of birth and email associated with the account.
Don't they say that's a feature? I mean, how many passwords can be "recovered" with info like that? Quite a few different systems i can think of.
Exactly.
This message has been edited since its posting. Latest edit was made on 19 May 2011 @ 12:36

1219.5.2011 14:21
YoJembo01
Inactive

Ha...hahahahaha


Its a lot easier being righteous than right.

1320.5.2011 0:56

Even though it is not a hack as it has been "clarified", it is still a mistake on sony's part... and they use expressions like "simple phising scam" to make it sound like nothing; "simple" makes people see the problem like almost nothing, which in turn might translate to nothing at all... it is just a "simple" mind trick... anyway, a problem is a problem, no matter how "big" or "small" they might make it look like, which is from my point of view the real point of the article...

ps. bottom line, psn taken down again X_x


X_x

1420.5.2011 2:10

so when do the prices of the ps3 drop to encourage people to keep buying playstation?

1520.5.2011 17:01

Originally posted by hglez86:
...bottom line, psn taken down again X_x
Don't know where you are getting your info from but the PSN is not down because of this.

1621.5.2011 9:13

Originally posted by Oner:
Originally posted by hglez86:
...bottom line, psn taken down again X_x
Don't know where you are getting your info from but the PSN is not down because of this.
i didn't say "psn is down again because of that" i said "bottom line" as in no matter what, it is down again.

X_x

1721.5.2011 12:34

Originally posted by hglez86:
Originally posted by Oner:
Originally posted by hglez86:
...bottom line, psn taken down again X_x
Don't know where you are getting your info from but the PSN is not down because of this.
i didn't say "psn is down again because of that" i said "bottom line" as in no matter what, it is down again.
Semantics...the PSN wasn't down at all. Just the login for the PC internet web forums, PS.com etc. Access to the PSN on your PS3 was absolutely not affected by this. Hence to say "it is down again" when the actual PSN was not down is incorrect.

1822.5.2011 5:51

I apologize to all phony worshipers... I don't have english as a first language, I made an unforgivable mistake with semantics... oh wait, do i see punctuation mistakes?... never mind, even as it is, i did make a mistake... nevertheless, Phony did have something not working what ever it was, and it must have caused some type of problem for some users somewhere in the world who did not have just the right equipment to use which ever service it was they were trying to access when they were faced by the screw up... vague enough? X_x


X_x

1922.5.2011 17:03

Originally posted by hglez86:
I apologize to all phony worshipers... I don't have english as a first language, I made an unforgivable mistake with semantics... oh wait, do i see punctuation mistakes?... never mind, even as it is, i did make a mistake... nevertheless, Phony did have something not working what ever it was, and it must have caused some type of problem for some users somewhere in the world who did not have just the right equipment to use which ever service it was they were trying to access when they were faced by the screw up... vague enough? X_x
Way to be childish about something that was just being explained/clarified so you wouldn't be misinformed. It's kinda like someone coming into the forum and saying "1+1=3" then it's explained it's actually "2" only for them to get mad because someone tried to correct/help them understand. But whatever ~ if you want to go on and not have the correct information, so as to look like you don't know what you are talking about, then go right ahead...it is your choice to want to be clueless after all. Cheers.
This message has been edited since its posting. Latest edit was made on 22 May 2011 @ 17:07

2022.5.2011 21:10

it's not like someone said "1+1=3" it's more like someone said "1 + 1 equalz 3" and then they get slapped for not knowing exactly the right words to use:

Quote:
Semantics...
either way, i never claimed to know it all or have first hand information, i even went as far as saying:

Quote:
which is from my point of view the
i did that because i knew something like this was coming, and i read on some other thread that a certain someone said to say when you are saying an opinion...

either way, I AM CLUELESS! there, i said it, and that's exactly why i'm coming here to read the news everyday several times a day to read the news, but i guess i won't ever be good enough material for this.

also before it comes which i know if this goes on it will which is the usual, i am not trying to make any fight or anything, but i do think i have a right to try and defend my self if i think i'm being picked at... anyway, i guess us ignorants are never gonna learn right?

so any ways, hope you the best Mr. Oner, and if you said before that you weren't running away anyone ever, well let's make it an official first, and i say official because i don't doubt it ever happened before.

My best regards to After Dawn and those who did make it a great experience for me over the years.

X_x

2123.5.2011 12:49

Originally posted by hglez86:
it's not like someone said "1+1=3" it's more like someone said "1 + 1 equalz 3" and then they get slapped for not knowing exactly the right words to use:

Quote:
Semantics...
either way, i never claimed to know it all or have first hand information, i even went as far as saying:

Quote:
which is from my point of view the
i did that because i knew something like this was coming, and i read on some other thread that a certain someone said to say when you are saying an opinion...

either way, I AM CLUELESS! there, i said it, and that's exactly why i'm coming here to read the news everyday several times a day to read the news, but i guess i won't ever be good enough material for this.

also before it comes which i know if this goes on it will which is the usual, i am not trying to make any fight or anything, but i do think i have a right to try and defend my self if i think i'm being picked at... anyway, i guess us ignorants are never gonna learn right?

so any ways, hope you the best Mr. Oner, and if you said before that you weren't running away anyone ever, well let's make it an official first, and i say official because i don't doubt it ever happened before.

My best regards to After Dawn and those who did make it a great experience for me over the years.
No one is "picking on you" I simply corrected information that you said that was not accurate (of which you admit yourself). You then took it to heart to deeply (for whatever reason) and now all of this dramatics from post #18 on for no real reason...

If I said something incorrect I would want someone to help me out to have the correct information, I would be appreciative, learn and then move forward being more properly knowledgeable of the situation. Simple as that.
This message has been edited since its posting. Latest edit was made on 23 May 2011 @ 12:58

Comments have been disabled for this article.

News archive