Skip to main content

Sony Patches PlayStation Password Change Exploit

Early on Wednesday, Sony was dealt another blow when gaming blog Nyleveia claimed that all PSN and Qriocoty accounts remained unsafe because of a hack that allowed a third party to change your password using only your email address and date of birth. Nyleveia claimed that its source had demonstrated the exploit and that they had received a ‘password successfully changed email’ from Sony and could no longer use their own password to sign in. The site said it had contacted Sony with details of the exploit and, shortly afterward, Sony took its web-based password recovery service offline. 



Sony’s Patrick Seybold has since commented on the exploit and assured users that despite headlines to the contrary, the hasn’t been another hack.

"We temporarily took down the PSN and Qriocity password reset page. Contrary to some reports, there was no hack involved," he said in the brief update. "In the process of resetting of passwords there was a URL exploit that we have subsequently fixed."

Seybold says customers that have not yet reset their passwords are encouraged to do so. Password changes can be performed directly through your PS3 or via PlayStation.com, once Sony brings it back up.