Sony Fixes Another Security Vulnerability on Web Site

News

Sony Fixes Another Security Vulnerability on Web Site
A security issue that could have disrupted the returning Sony networks, including the PlayStation Network, has been fixed. The problem was that anyone with the personal information for a Sony network account could reset the password, and that data was apparently stolen in the first break-in. The PlayStation Store is expected back soon.
As the Sony networks slowly come back online, a security issue that could have led to another break-in has been fixed. The company said the vulnerability was on the page where users had to reset their passwords for Sony's PlayStation Network and Qriocity music service.

The security hole enabled any user with the date of birth and e-mail address of an account holder to reset the password. Birth dates and e-mail addresses of up to a hundred million users were among the unencrypted data that Sony believes may have been stolen in the original break-in.

Accounts 'Unsafe'

After the first network breach, the company was criticized by industry observers and some members of Congress for not quickly revealing that users' personal data may have been taken. The initial breach was noticed by Sony on April 19, the PlayStation Network was shut down on April 20, and users were notified of the breach and possible loss of personal information on April 26.

A gaming site, nyleveia.com, first brought the most recent security issue to light in a posting on May 17. It said that "despite the methods currently employed to force a password change when you first reconnect to the PlayStation Network, your accounts remain unsafe."

The site reported that a hack exploiting this weakness was "currently doing the rounds in dark corners" of the Internet. By Thursday, Sony reported it had fixed the problem.

In a video recently posted on the PlayStation Blog, Sony executive Kazuo Hirai noted that, as a new security feature, all customers are required to change their passwords.

'Welcome Back'

Hirai said "aggressive actions" were being taken to address the vulnerabilities that led to the unprecedented network outage. The actions, he said, include advanced security technology, increased levels of encryption, additional firewalls, and early warning systems.



Source: link
Sony Fixes Another Security Vulnerability on Web Site on ClickOnline.com


Tags:  , ,
About this author

emma@clickonline.com
Staff reporter
Recent Articles by this author
18 April, 2014
The actress has seemingly admitted she did write the list of famous sexual partners,...
18 April, 2014
Cheryl Walker had sought to be named as the sole guardian over the late actor's...
18 April, 2014
The 80-year-old screen legend - who portrayed the Fourth Doctor from 1974 to 1981...
18 April, 2014
The hunk stars as Lee Christmas in forthcoming 'The Expendables 3' alongside...