It has now been confirmed that a major Sony security loophole is behind an alarming number of PS5 users having their PlayStation accounts hacked. “Hack” might not even be the right word for it, as what’s happening is basically one big social engineering scam successfully carried out with the help of PS Support agents.
How PlayStation accounts are ‘hacked’ with social engineering
To be clear, no one is immune to this social engineering scam because all hackers need is basic public information about the victim. Suggestions that the victims are to blame because they must have shared private information online, like a PS Store transaction number, are misleading at best.
While it’s true that sharing something as mundane as a screenshot of a PS Store purchase with a transaction number can aid hackers, that’s not how known PlayStation journalist and podcaster Colin Moriarty was hacked.
Scammers can break into an account with the help of PS Support by simply providing recent purchase history. So, for example, if you talk about buying a new game online and a scammer takes note, they can impersonate you by providing a transaction date and details about what you purchased, along with your username or email address, and gain control of your account.
This renders two-factor authentication and passkey useless because it’s a PS Support agent overriding your safety net.
X user PorkPoncho tested this out, and successfully “hacked” their sister’s PlayStation account (with her consent, of course) to demonstrate how it works:
Moriarty also spoke about this issue at length in a new podcast:
As we mentioned in our previous article, Sony is now well aware of this problem, but has yet to address it. In the meantime, an increasing number of PS5 users are losing their accounts.
Just a day ago, another prominent trophy hunter revealed on PSNProfiles that after 10+ years, they lost their PlayStation account to a scammer in the same way and haven’t been able to recover it. Dejected, they have now decided to quit PlayStation gaming.
Here’s hoping we hear something from Sony…. and soon.
