PSN website sign-ins disabled after users identify potential exploit
So apparently there was a sign-in exploit which let users recover other users password. I first saw this on a gaming forum called NeoGAF. Here was the post:
Now to the whole story:
This guy on twitter ( http://twitter.com/#!/Nyleveia ) was claiming there was an exploit on the password recovery page that allowed anyone with a matching PSN login address and Date of Birth could change your password without you confirming it. Personally I didn't believe him so I gave him my login and dob. He didn't reply for a long time so I went to sleep.
So this guy sent an email claiming an exploit on twitter, the user not believing him sent a message back into the morning.
The first one is saying that someone had requested to change my password, and that I needed to click the confirmation link to continue. All normal for now, supposedly only people with access to the login address can change it then. HOWEVER the second email is a confirmation that the password was changed and I never clicked the confirmation link... So yeah... my password was successfully changed by someone else.
Apparently Sony then tried to cover up by just pulling down the site without giving any maintenance. I mean, cmon Sony, really?
Here's the NeoGAF thread: http://www.neogaf.com/forum/showthread.php?t=430574
9 comments:
pff that's bad and it looks like PSN will go deeper in the trouble
uggggggg seriously, how F'd up
You'd think such a big corporation wouldn't fuck up that bad.
Having said that they did get hacked and fucked up for a month...
Oh Sony...
You guys should just sell your consoles and buy PC's :D
I got a pretty powerful laptop chesire :D
haha zach, yeah my playstation three hasnt been able to go online for a while thank god they dont have my credit card information because that shit woulda been for sale on the black market
Silly sony. They can't do anything right.
they're rushing it. they REALLY need to be conservative here and take the time to do things right.
that's pretty bad. thanks for the post m8
Post a Comment