UPDATE: Sony has issued the following statement via the PlayStation Blog: “We temporarily took down the PSN and Qriocity password reset page. Contrary to some reports, there was no hack involved. In the process of resetting of passwords there was a URL exploit that we have subsequently fixed.” They also encouraged users to update their passwords via their PS3s now, or to do so later once the web sites are back up. At this time, Sony is either unable or unwilling to provide a timetable for their return.
ORIGINAL STORY: Consumers who haven’t reset their passwords for PSN are still encouraged to do so directly on their PS3. Otherwise, they can continue to do so via the website as soon as we bring that site back up.
An exploitable glitch allows for hackers to easily change your web site passwords and access your accounts — using nothing more than your e-mail address and date of birth. Apparently, the publisher failed to update things on the web site end before restoring the system on Sunday. Sony responded by disabling sign-in for all of its PlayStation and game related web sites. Wow.
I’m imagining that Kaz reacted somewhat like Lando in Empire when he heard the news: “They told me they fixed it! I trusted them to fix it! It’s not my fault!” All kidding aside, this is terrible news for Sony and its customers. Just days after being assured that increased security measures would provide sufficient protection for users, we now find out that some accounts have undoubtedly been compromised again.
The EU PlayStation Blog had this to say via Twitter: “Clarification: this maintenance doesn’t affect PSN on consoles, only the website you click through to from the password change email.” Another tweet read: “We’ll let you know as soon as the landing page is back online.” Nothing has been posted to their blog proper; instead, there’s a story about the Resistance 3 cover art being unveiled. Clearly, Sony was excited to put the whole thing behind them and get back into the swing of actual game talk in the lead-up to E3.
The site that users are directed to go to in order to change their PSN passwords has also been disabled. Since changing it was mandatory for anyone to get back into the restored PSN, anyone who hadn’t yet changed it is once again unable to play Sony games online. “Unfortunately this also means that those who are still trying to change their password via Playstation.com or Qriocity.com will be unable to do so for the time being,” Sony said. “This is due to essential maintenance and at present it is unclear how long this will take.”
Those who had actually already changed their password should double check that it hasn’t been altered by a hostile third party. Since you can’t change it again at this time, your only play as of now is to contact Sony.
[Image courtesy of Crazy Engineers.]