Tech security experts are warning Sony about a serious vulnerability affecting their PlayStation Network service.
Basically, there is a critical SQL injection vulnerability in the service. This vulnerability allows a hacker to read data from PSN users.
By going through Sony’s support site, and using a manipulated parameter in the site’s URLs, you can see the contents of the SQL database in the browser itself.
The bug was found by expert Aria Akhavan, and this leak was explained and shared by prominent German tech website Golem. They told Sony as early as two weeks ago, but the company has yet to respond, and seems unlikely to be answering at all.
PSN security is a potentially touchy subject for many users, especially after the PSN outage of 2011. Personal information for 77 million users were stolen, and the system went down for 24 days.
The security breach led to investigations and lawsuits across several countries, but there were no verifiable reports that the information was used for credit card fraud. Other PSN outages have since occurred, including one just this August.
While some consumers may have gotten used to hacks and outages of PSN and similar services, the iCloud celebrity photo leaks show how potentially dangerous these hacks can be. The gaming community has been lucky that it has not yet gotten this dangerous for them, but that potential always looms, and could damage online gaming if the worst ever happens.
