[Update: Sony has assured consumers that the sites were not hacked, so there’s no need to fear that details were compromised. Sony itself did not state, in its post, why it took down the password reset pages. It’s neither confirmed nor denied the existence of the exploit. In any case, it’s recommending that users reset their passwords via PS3, despite the return of the websites.]
Oh … Sony … no …
Sony has had to restrict its online services yet again after discovering an exploit in its PSN password reset system, which could let hackers break in and mess with all your accounts again. The exploit lets someone change a PSN password using only an email and a date of birth.
PSN sign-in is unavailable for PlayStation.com and the PlayStation forums. Password reset emails now contain a link to a site that cannot be viewed, which will certainly confuse customers.
“Unfortunately this also means that those who are still trying to change their password via Playstation.com or Qriocity.com will be unable to do so for the time being,” said Sony. “This is due to essential maintenance and at present it is unclear how long this will take. In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information.”
It’s been suggested that you create an entirely new email address for use specifically with the PSN and nowhere else, in order to protect yourself. By the time this is over, we’re going to have to slaughter three newborn goats and offer them up to the Sun Lord in exchange for our account safety.
Sony’s PSN password page exploit [Eurogamer]