Sony's efforts to control the negative press surrounding the PSN security breach have suffered yet another blow after it was been revealed that an exploit on the web page used to reset PSN passwords allows anyone with access to a user's account email and date of birth to change the password.
What compounds the problem for Sony is that this information was part of the data compromised during the PSN security breach itself.
The page itself has now been taken down, meaning that the mandatory password reset for returning customers is currently unavailable.
"Unfortunately this also means that those who are still trying to change their password via Playstation.com or Qriocity.com will be unable to do so for the time being," Sony said in a statement. "This is due to essential maintenance and at present it is unclear how long this will take.
"In the meantime you will still be able to sign into PSN via your PlayStation 3 and PSP devices to connect to game services and view Trophy/Friends information."
Sony has been contacted for a response regarding the situation.