Report: Sony Hit By New PlayStation Exploit

Sony has taken down a number of its websites, after a new exploit regarding PlayStation Network usernames and passwords was revealed, according to media reports. Signing into PlayStation.com, Qriocity.com and the PlayStation forums has been suspended until the company has resolved the issue. According to games site Nyleveia, and backed up by Eurogamer and users at NeoGAF, a new exploit allowed anyone to reset another user's password with just their username and date of birth. The exploit was available via a special page that Sony had set up to help users change their passwords -- the page has now been taken down. Unsurprisingly, Sony did not give a specific reason for the suspension of service on its site, stating via the official PlayStation Twitter, "This is due to essential maintenance and at present it is unclear how long this will take." "In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information." It later clarified, "This maintenance doesn't affect PSN on consoles, only the website you click through to from the password change email." [UPDATE: A post on the PlayStation blog clarifies that there was "no hack involved" in the password reset page's URL exploit. The exploit has been fixed and the password reset page should be safe to use when it goes back online, the company said. PSN users can still reset their passwords through their PS3s.]