Sony faces further security woes

PS3 logo

Related Stories

A website set up by Sony to allow users to reset their passwords following last month's hack attack is itself subject to a security alert.

A Sony user discovered an exploit on the site that could have been used by hackers to impersonate users.

Password resets have been necessary following the exposure of 77 million Sony PlayStation users' personal details.

Sony admitted the sites were insecure but said no hack had occurred.

In its blog it said: "We temporarily took down the PSN password reset page. Contrary to some reports, there was no hack involved. In the process of resetting of passwords there was a URL exploit that we have subsequently fixed," Sony said in a statement.

It will be further embarrassment for the gaming giant and more inconvenience for its users.

"Anyone who has already reset their password is still able to gain access to the PSN but for those who haven't they wont be able to reset it until the servers go live again, which will be shortly," said a Sony spokesman.

Wesley Yin-Poole, news editor of gaming website Eurogamer explained what had happened.

"There was an exploit that allowed anyone to reset your password using just your e-mail address and date of birth, effectively locking them out of their own PlayStation account," he said.

E-mail addresses and dates of birth are some of the personal details thought to have been stolen by hackers last month.

"This is just another embarrassment hot on the heels of the hack attack. It is nowhere near as serious but will be another headache for Sony," he added.

The majority of PlayStation users are able to reset their password through their consoles rather than by going online.

On 20 April the Japanese electronics giant was forced to shut down its PlayStation network, after what has been described as the biggest hack attack in history.

Yesterday, Sony boss Howard Stringer said the firm did act quickly enough to tell users about the problems.

Sony has offered users a year's free identity protection and free games in order to persuade them back to the network.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.