PSN Security Gap: Social Engineers Could Hijack PlayStation Accounts
A social-engineering vulnerability in Sony’s PlayStation Network could let attackers hijack PSN accounts by exploiting customer-support processes and a small set of publicly available or easily obtained data (such as an email, transaction date, and purchases). It isn’t a traditional data breach, but a weakness that could allow email changes, 2FA removal, and passkey removal, effectively locking users out. The risk was highlighted through Colin Moriarty’s experience and tests by others, with Sony saying it’s taking the issue seriously. Readers are advised to review any publicly exposed receipts or transaction IDs and be cautious about sharing purchase details online.