The latest security hole was found on the Webpage that users were using to reset passwords for their PSN and Qriocity accounts from their PCs, according to a May 18 report in The Wall Street Journal. After restoring the PSN network after nearly a month offline, Sony required users to first update the firmware on their PlayStation console and then to reset their account password.
The security hole on the password reset page allowed anyone with the account holder’s date of birth and email address to reset the passwords. Considering that Sony said birth dates and email addresses were among the personal information stolen when attackers breached its servers, changing the passwords to gain control of the user accounts is not an unlikely scenario.
Sony closes yet another flaw in PSN
Posted on Thursday, May 19 2011 @ 21:18 CEST by Thomas De Maesschalck