Sony suspects new hack, takes down password page

Less than a week after restoring its PlayStation Network and Qriocity services, Sony temporarily took down the password reset pages for the two facilities. Corporate communications and social media senior director Patrick Seybold belied speculations that a hack was involved, but added that there was a URL exploit that Sony subsequently fixed. “We temporarily took down the PSN and Qriocity password reset page. Contrary to some reports, there was no hack involved. In the process of resetting of passwords there was a URL exploit that we have subsequently fixed," he said in a blog post. Sony is now conducting a phased restoration of PSN and Qriocity, which suffered an outage following a hack last April. He said that consumers who have not reset their passwords for PSN are still encouraged to do so directly on their PS3. Otherwise, he said they can continue to do so via the website “as soon as we bring that site back up." However, he did not elaborate on when they can do so. However, Nyleveia.com said that it had seen a demonstration of a new hack that allows the attacker the ability to change one’s password using only the account’s email and date of birth. “I would suggest that you secure your accounts now by creating a completely new email that you will not use ANYWHERE ELSE, and switching your PSN account to use this new email. You risk having your account stolen, when this hack becomes more public, if you do not make sure that your PSN account’s email is one that cannot be affiliated with or otherwise traced to you," it said. For its part, Eurogamer claimed to have seen video evidence that Sony’s PSN password reset system suffers from an exploit that allows attackers to change a user’s password using only a victim’s PSN account email and your date of birth. — TJD, GMA News