According to reports on , Eurogamer , and NeoGAF , ’s PlayStation Network password reset system-the one just put in place after the PSN -has been compromised, allowing to change a PSN password if they know your email and date of birth.

Exactly the sort of information that was released in the original hack. Sony has taken the password reset system offline. Kotaku has reached out to Sony for comment.

Update 1: The good news (as pointed out by NeoGAF’s “Metalmurphy”) is that if your account was compromised, you should have gotten an email from PSN that says your password has been reset.

Update 2: An official community moderator on the EU PlayStation forums notes the following services are offline : PlayStation forums PlayStation Blog Music Unlimited via the web client All PlayStation game title websites

Update 3: This is the purported exploit as provided to Kotaku . As PlayStation services are now offline, this exploit is no longer able to be executed: The prodecure is as follows:

  1. Navigate to : (this is normally, via email, with the y’s being a unique token) – do not enter the code at this point.
  2. Open a new tab in firefox, and go to (other pages will work too most likely), and click Login (Connexion)
  3. Click Recover password
  4. Enter the email and date of birth of the target account
  5. Click continue, then on the confirmation page, click “Reset using E-mail”
  6. Switch back to the original tab, and enter the code, then click continue
  7. You will now be asked to enter a new password for the target account

Update 4: According to Sony’s PlayStation blog , “Contrary to some reports, there was no hack involved. In the process of resetting of passwords there was a URL exploit that we have subsequently fixed.”

b25deabdbaain 01.jpg 450x253 Sony PlayStation Network Password Reset Page Exploited

Here is the original post:
Report: Sony PlayStation Network Password Reset Page Exploited, Customer Accounts Potentially Compromised [It Only Does Offline]