**IT'S A FATAL SECURITY FLAW WITH SONY'S SECURITY SYSTEMS: PlayStation Network Accounts Can Allegedly Be Hacked Even If Protected by 2FA and Passkey**

As we reported earlier, a tech journalist at French publication Numerama had their PlayStation Network account hacked despite having every security measure in place, including two-factor authentication (2FA) and passkey. The hack was so brazen that the hacker not only changed the associated email and password but also spent money from a linked payment method.

What's even more alarming is that the journalist initially recovered their account through PlayStation Support only for the hacker to seize control again. In an ironic twist, the journalist spent the evening communicating with the hacker, who revealed how their method bypasses modern security measures.

Numerama's Nicolas Lellouche has promised a follow-up report on this story, but in the meantime, he has shared some insights into what happened. It appears that the fatal security flaw lies in how account ownership is verified by Sony's systems. The hacker managed to gain access to the journalist's account using only the associated email address, which was obtained via a screenshot shared online.

The procedure used by Sony's support team raises several red flags. For instance, no other data was requested as proof of ownership beyond the email address. Moreover, three consecutive requests related to the same account did not raise suspicion. This is a glaring weakness in the system that hackers are likely exploiting.

As we previously reported, this is not an isolated incident. There have been several cases where users' accounts were hacked despite having all security measures in place. The common thread in these incidents is the use of internal tools by hackers to bypass security checks.

The implications of this security flaw are staggering. If true, it means that any PlayStation Network account can be hacked using only the associated email address. This is a massive risk for users who have linked their payment methods and sensitive information to their accounts.

We urge Sony to take immediate action to rectify this issue. In the meantime, users should exercise extreme caution when sharing personal information online and use prepaid cards whenever possible to make purchases on any digital store. Losing access to a digital library is bad enough, but having money stolen is considerably worse.

**Related Story:**

* [PlayStation 5/PC Cross-Buy Could Be On The Way](https://www.wccftech.com/playstation-5-pc-cross-buy-rumored/)