Watch CBSN Live

New day, new Sony security bug

Just days after most services for PlayStation Network were brought back online, it appears a new exploit has been discovered that allows hackers to change users' passwords with the data stolen during the break-in to the service last month.

The Web sites that allow PSN users to sign in and reset their passwords have since been taken offline, as the graphic above from shows. This problem reportedly does not affect the ability to sign in via a PlayStation 3 or PlayStation Portable, just some Sony Web sites.

The report comes from gaming blog Nyleveia, which posted a warning to PSN users that their passwords might not be safe and contacted Sony about it.

Another blog, Eurogamer, says it confirmed the exploit, which allows someone to reset your password by knowing your e-mail address used for the account and date of birth. That information is known to be among the data belonging to 100 million users of Sony's gaming services that was exposed between April 17 and 19 in the second-largest security breach in U.S. history.

New authorship clues in Sony attack whodunnit
Sony reopens partial PlayStation Network service

Eurogamer says users that changed the e-mail address connected to the PSN account after PSN was restored this weekend should not be at risk.

Yesterday, speaking to a handful of reporters, Sony CEO Howard Stringer admitted that while the company had rebuilt the security for PSN during the three weeks it was unavailable, no system could be guaranteed "100 percent secure."

Sony did not immediately respond to a request for comment.

View CBS News In
CBS News App Open
Chrome browser logo Chrome Safari browser logo Safari Continue