It’s coming on a month now, and with hacktivism group Anonymous even being drawn in as a player in this farce, or Shakespearean tragedy depending on your view; the saga of Sony’s Playstation network continues.
This comes after Sony’s efforts to revive its PlayStation Network have stumbled after the firm discovered a flaw hackers could exploit when it came to resetting passwords.
Sony temporarily disabled its PlayStation Network and Qriocity music streaming password reset pages to fix a vulnerability in a system that was just regaining its footing after a cyber-attack that resulted in it being shut down for weeks.
“We temporarily took down the PlayStation Network and Qriocity password reset page,” Sony spokesman Patrick Seybold wrote in a terse update posted on the PlayStation blog. “Contrary to some reports, there was no hack involved”, he explained. “In the process of resetting of passwords there was a URL exploit that we have subsequently fixed.”
Whilst details of the problem were not disclosed, it is understood a door open had reportedly been left ajar for hackers to change a user’s password if they knew the email address and birth date associated with an account.
“Consumers who haven’t reset their passwords for PlayStation Network are still encouraged to do so directly on their PS3″, Seybold wrote. “Otherwise, they can continue to do so via the website as soon as we bring that site back up.”
The PlayStation Network connects PlayStation 3 (PS3) consoles to online games, films and more.
Sony on Sunday began a phased restoration — as they put it — of network services that came under hacker attacks in one of the biggest data breaches since the advent of the internet.
Cyber-thieves stole personal data that included names, passwords and addresses from more than 100 million accounts on PlayStation Network and Sony Online Entertainment services.
In what has concerned user the most, Sony has said it could not rule out that millions of credit card numbers may have also been compromised. Sony shut down the PlayStation Network and Qriocity on April 20 after its data centre in San Diego was hacked — but it did not reveal the breach until April 26, which was what drew the anger of it’s users.
The entertainment and electronics giant began restoring the services on Sunday and promised that defenses had been hardened.
The Japanese multinational estimated that the cyber attack cost the firm US$1-billion.
Sony chief Howard Stringer, speaking for the first time on the crisis Tuesday, said protecting private information was a “never-ending process” and he did not know if anyone could be “100% secure.” — AFP