PlayStation Network Sign-in is down again due to new security loophole

PlayStation Network Sign-in is down again due to new security loophole

Summary: PSN Sign-in is offline due to new security hole that can reset passwords using just the date of birth and email address -- information that was stolen in the first attack.

SHARE:

After restarting the PlayStation Network around the world this past weekend and promising tougher security for customers' data, the PSN Sign-in is once again offline as Sony is working to patch a new security hole.

According to Nyleveia.com, the new loophole can reset passwords using just the user's date of birth and email address -- information that was stolen in the first attack. This means even if the user has logged in after the restart to create a new login, that login may already be useless due to this new vulnerability.

Nyleveia's unnamed source demoed this breach to the staff to prove that it is a real threat, and Eurogamer has also seen video evidence that corroborates with Nylevia's claims. Nyleveia has also passed what it discovered to Sony Computer Entertainment Europe. Since then, a number of sites have become inaccessible for login including:

  • PlayStation.com
  • PlayStation forums
  • all PlayStation game titles
  • PlayStation Blog
  • Qriocity.com
  • Music Unlimited via the web client
  • site where users are directed to to reset their passwords

In a brief statement confirming that the PSN has been taken offline, Sony said, “Unfortunately this also means that those who are still trying to change their password via Playstation.com or Qriocity.com will be unable to do so for the time being. This is due to essential maintenance and at present it is unclear how long this will take."

Sony also reiterated that only the login site is down and not the entire PSN in a tweet, "Clarification: this maintenance doesn't affect PSN on consoles, only the website you click through to from the password change email."

That said, "[users] will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information,” according to Sony.

Is there anything a PSN customer can do to better protect their own data? Nyleveia is recommending that all users create a dedicated email account to link only to their PSN account so if any personal information is ever stolen, it would only affect their ability to log into the PSN. You can refer to the FAQ for further details.

[Source: Nyleveia via MCVEngadget, Eurogamer, Kotaku]

Additional ZDNet coverage:

Topics: Networking, Hardware, Mobility

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

18 comments
Log in or register to join the discussion
  • RE: PlayStation Network Sign-in is down again due to new security loophole

    Shockingly bad. How can Sony be so vulnerable? I've had a PS3 and Xbox360 since launch and although I pay for Xbox live it's always up. Pull yourself together Sony, it's getting embarasing now
    robcowin
  • PSN blows

    I have been an avid playstation supporter but this just makes me wonder if iv'e chosen the wrong side. XBOX gets all the newest game content months in advance and they never have problems with this kinda stuff. Out of control thats its been a month I couldnt play and now this.
    Kltreadwell23
    • Couldnt Agree More...

      @Kltreadwell23 Im pretty much left with the choice of selling my unit AND profile. I have over $1000 of DLC ...after all this, imma get my moneis worth.
      Double Aught Code
    • RE: PlayStation Network Sign-in is down again due to new security loophole

      @Kltreadwell23
      Yeah you have gone to the wrong side i have always been playstation person until the xbox came out. playstation make out they have more cpu's they dont state they only run 1 primary cpu and 6 secondary cpu's where as xbox360 runs 3 primary cpu's and no programmer wants to program games to run on secondary cpu's as its 3 times harder work to program for them. xbox is a programmer friendly format compared to playstation. we do have to pay ?30 on average a year but i got mine for ?19.99 so that is ?1.66 per month which is not that bad. or ?2.50 for people who do not shop around
      AlfaDave
    • RE: PlayStation Network Sign-in is down again due to new security loophole

      @Kltreadwell23 You must be a CoD fanboy, since you talk about Xbox getting content months in advance. Get out of here with that BS. CoD is one of the only games that Microsoft had to bribe Activision to get content a month in advance. I'm even sure they paid Activision off to make PS3 version of Black Ops as bad as it was(or Treyarch just sucks). They have to keep their customers some way. PS3 has wayyyy better exclusives then Xbox will ever have. Most developers are starting to realize the PS3's full potential, which is even better.<br><br>This whole PS3 breach could have happened to Microsoft too. Sony did what they had to do in prosecuting George Hotz and the hacking community got mad. Sony also said their network was unhackable, which gave the hackers a reason to hack it. Microsoft is definitely not the most secure company out there. NO NETWORK IS 100% SECURE.. Your info is definitely not 100% secure. The second you connect to the internet you are at risk of stuff like identity theft. When will people learn this? <br><br>As for "being a month I couldn't play," PSN is a FREE service. I'm sure Sony could start charging with PSN just like Microsoft charges for Xbox Live, but just think how many butthurt people there would be? People always want everything for nothing.
      TWizz1991
  • RE: PlayStation Network Sign-in is down again due to new security loophole

    I'm no security expert, but this seems like a very easy exploit! You're telling me that sony didn't deal this and still put up their network? For shame!
    awkward hug
    • ..but they hired experts!!!

      @awkward hug Im one of the biggest PS3 fanmans but really, I thought they hired experts to secure things up? I wonder what the requirements were...

      ...a working knowledge of a power strip...the ability to script(in shakesperean era)...ability to correctly guess what one of the three letters in PSN stood for...child endagerment...corporate dis-soltion...the ability to open a window WITHOUT ACTUALLY walking to a window...have broken the automatic coffee cup(the CD/DVD) tray holder on their PC at least once?

      What do you think?
      Double Aught Code
  • RE: PlayStation Network Sign-in is down again due to new security loophole

    it was a website mistake. probably spent too long making sure the consoles were secure.

    didn't help matters that the sony ps3 customers are stupid and can't do a reset through their console. They must use their "email addresses" and "websites to do it". WTF have you been doing with your consoles then.

    I've went through 4 360's, but still on my first PS3... stop fucking your console, and use it properly.
    deplorable
    • RE: PlayStation Network Sign-in is down again due to new security loophole

      @deplorable
      Im still on my first xbox elite. and it gets lots of use coz when im not using it it stays on in background i just turn tv over. turn it off at night tho. xbox's fail if stupid people put them in small spaces so they cant vent out the heat. thats the only known problems i know coz of stupidity. i know many people also who have both but will still play xbox over ps3. due to the draw distance on the graphics is far better on xbox and also the network is far better more people and well worth the ?2.50 per month
      AlfaDave
    • They added security to the consoles...?

      @deplorable thats news to me, and about anyone else following this. All they did was concentrate on the network itself, yet did a VERY poor job of that. Dont get me wrong, I LOVE MY PS3, but I also love my home network not being comprimised because the PS3 has ZERO user end protections ...its all about anti-piracy. And while I understand the need to cover anti-piracy, I cant help but wonder why COD is hacked more on a PS3 than even a PC, how much of this damage could have been avoided if packets were not so easily detected and manipulated on the PS3 broadcast, or just basicaly why Japan is wondering the same thing yet the US says 'turn it on...youve lied to us so far so we trust ya'???
      Double Aught Code
  • RE: PlayStation Network Sign-in is down again due to new security loophole

    I'll stick with the best solution available: No longer use the psn
    kstap
    • RE: PlayStation Network Sign-in is down again due to new security loophole

      @kris_stapley@... +1
      Double Aught Code
  • RE: PlayStation Network Sign-in is down again due to new security loophole

    this is starting to become one big fat joke how does a company so big manage to make a mistake this big .i for one am becoming sick of this now for the last 3 to 4 weeks psn users have been unable to play their favourite games online the whole sony team should all be embaressed.
    kingofkings92
    • RE: PlayStation Network Sign-in is down again due to new security loophole

      @kingofkings92 +1000
      Double Aught Code
  • REALLY COME ON SONY

    how many times are sony going to let us down its going to take more than some cheap free games that arent that good to get user trust back they have had over 30 days to fix this i could make a network in half that come on sony just hire the hackers that did this and make it un hackerble but what ever you do dont sack the hackers
    ash2929
  • This Is A Joke...Right?

    This is unacceptable! Their complete lack of understanding if this exploit is being carried out, hackers can use their PS3's to do the same thing. The entire network should be shut off if somone can change my newpassword so simply, not just across the PC platform.

    If SCE(I, A, EU) would pull their heads out and accept that they know very little, to include which experts to hire to 'secure the system'; we would have some sort of packet rejection technique on our consoles...we would have better privacy settings for the message system...THE USER would get an update for THEIR securioty and not just some anti-piracy security update.

    Sony, at least the SCE department head(I miss Phil Harrison, he seemed to get it), is inept. The facts are their to prove this. I can personally vogue for their Consumer Services Director Nolan Hass being the same, if not more. I have personaly told him (ph# 650-655-5920 SCEA, Forrest City Office) about much of what has occured before the fact yet nothing is done about it. Be proud of that one, Hiro.

    SNE, SNE_TYO, stock, point, divend, ps3, psn, playstation, finance, ceo, director
    Double Aught Code
  • So what, no online gaming...

    Just wait, it's not the end of the world. You willl be back online soon. I am just waiting for the free content to be unlocked from the PSN store. The dicks who hacked the system should be hung, stealing I.D and passwords. Stop giving Sony a hardtime. Peace..<br><br>origins_unknown PSN with honour crew

    Xbox 360 origins_unknown
    origins_unknown
  • RE: PlayStation Network Sign-in is down again due to new security loophole

    <a href="http://www.chanelonsalebags1.com"><strong>Chanel bags</strong></a> is very luxury and high-grade. <a href="http://www.chanelonsalebags1.com"><strong>Chanel handbags sale</strong></a> and confidence; make their range stand out above any other. Maybe this is why they are so high profile and craved by many a celebrity. It is a brand that never disappoints with a selection of exploding diamante designs, luxurious quilted arms and interlacing. Buying Chanel from our <a href="http://www.chanelonsalebags1.com"><strong>Chanel on sale</strong></a>. Back to <a href="http://www.chanelonsalebags1.com"><strong>Chanel Bags online</strong></a> to know more products information.Chanel founder Gabrielle Chanel in 1913 Chanel was founded in Paris,<a href="http://www.chanelonsalebags1.com/chanel-shoulder-bags-c-101.html"><strong>Chanel Shoulder Bags</strong></a>, Chanel's products range from clothing, jewelry, accessories, cosmetics, perfumes,<a href="http://www.chanelonsalebags1.com/chanel-new-bag-c-71.html"><strong>Chanel New Bag</strong></a>, each product is known, in particular, her perfume and fashion . Chanel (CHANEL) is a famous brand in more than 80 years experience, Chanel Fashion has always elegant, simple,<a href="http://www.chanelonsalebags1.com/chanel-cambon-bags-c-90.html"><strong>Chanel Cambon Bags</strong></a>, elegant style, she good at breaking, early 40's on the success of tied up the ladies into the simple,<a href="http://www.chanelonsalebags1.com/chanel-messenger-bags-c-96.html"><strong>Chanel Messenger Bags</strong></a>, comfortable This is perhaps the first modern casual wear.
    Chaneloutlet