The company installed the new system after reinstating some of the services targeted in an online attack that caused a 26-day outage and a massive data breach of two of its networks.
Nyleveia.com, a gaming site, reported that it has demonstrated that hackers will be able to reset a PSN users’ password using only an account’s current e-mail address and the account holder’s date of birth — both pieces of information believed to have been taken in the original breach.
Shortly after the demonstration, the site received an e-mail from Sony saying that the fake account’s password had been changed. The hack has been confirmed by Eurogamer and users at the NeoGAF gaming forums.
The site reached out to Sony’s entertainment unit in Europe. Shortly after that report, Sony disabled PSN sign-in on a number of Sony Web sites, according to a moderator on a Sony online forum.
Nyleveia recommends that all PSN users make new e-mail accounts for the PSN to avoid a possible attack.