Sony Fixes Another Security Vulnerability on Web Site

News

Sony Fixes Another Security Vulnerability on Web Site
A security issue that could have disrupted the returning Sony networks, including the PlayStation Network, has been fixed. The problem was that anyone with the personal information for a Sony network account could reset the password, and that data was apparently stolen in the first break-in. The PlayStation Store is expected back soon.
As the Sony networks slowly come back online, a security issue that could have led to another break-in has been fixed. The company said the vulnerability was on the page where users had to reset their passwords for Sony's PlayStation Network and Qriocity music service.

The security hole enabled any user with the date of birth and e-mail address of an account holder to reset the password. Birth dates and e-mail addresses of up to a hundred million users were among the unencrypted data that Sony believes may have been stolen in the original break-in.

Accounts 'Unsafe'

After the first network breach, the company was criticized by industry observers and some members of Congress for not quickly revealing that users' personal data may have been taken. The initial breach was noticed by Sony on April 19, the PlayStation Network was shut down on April 20, and users were notified of the breach and possible loss of personal information on April 26.

A gaming site, nyleveia.com, first brought the most recent security issue to light in a posting on May 17. It said that "despite the methods currently employed to force a password change when you first reconnect to the PlayStation Network, your accounts remain unsafe."

The site reported that a hack exploiting this weakness was "currently doing the rounds in dark corners" of the Internet. By Thursday, Sony reported it had fixed the problem.

In a video recently posted on the PlayStation Blog, Sony executive Kazuo Hirai noted that, as a new security feature, all customers are required to change their passwords.

'Welcome Back'

Hirai said "aggressive actions" were being taken to address the vulnerabilities that led to the unprecedented network outage. The actions, he said, include advanced security technology, increased levels of encryption, additional firewalls, and early warning systems.



Source: link
Sony Fixes Another Security Vulnerability on Web Site on ClickOnline.com


Tags:  , ,
About this author

emma@clickonline.com
Staff reporter
Recent Articles by this author
10 June, 2014
The convenience and connectivity of a mobile phone has become a necessity for many...
14 May, 2014
The book which was published in 2001, billed as one of Potter's Hogwarts textbooks,...
14 May, 2014
The 32-year-old actress plays the 'Lord of the Rings' stars' wife in...
14 May, 2014
The producer-and-screenwriter has revealed he initially thought plans for the mutant...