A growing number of PlayStation users are raising concerns over a reported security flaw that allegedly allows attackers to hijack PSN accounts through Sony’s own customer support system. According to multiple community reports, the exploit has been circulating publicly since December 2025 and may still remain active as of May 2026.
The situation has sparked major concern across the PlayStation community because users claim traditional security protections such as strong passwords and two-factor authentication were not enough to stop the attacks.
Reported Exploit Allegedly Uses Support Verification Process
According to reports shared online, attackers are allegedly able to convince support staff to transfer ownership of a PSN account by providing only two pieces of information: a PSN ID and a valid transaction ID linked to the account.
Critics say this creates a dangerous situation where anyone with access to leaked receipts, old purchase confirmations, or exposed transaction information could potentially impersonate the legitimate account owner during support interactions.
Several affected users insist they never clicked phishing links, downloaded suspicious files, or shared passwords with anyone before losing access to their accounts.
The most alarming part for many users is the claim that the exploit appears to bypass standard account protections entirely, including two-factor authentication.
Colin Moriarty Reports His Own PSN Account Was Compromised
The issue gained even more attention after podcast host Colin Moriarty publicly stated on May 18, 2026, that his own PlayStation account had been compromised.
According to Moriarty, he had enabled two-factor authentication and changed his password after noticing suspicious activity, yet still lost access to the account afterward. His statements fueled concerns that the exploit may rely heavily on support-side verification weaknesses rather than direct hacking methods against users themselves.
This has led many PlayStation users to question whether current account recovery procedures are secure enough for modern threats.
Suspicious Emails and Community Concerns Continue to Grow
Some users affected by the alleged exploit reported receiving unusual or unexpected emails shortly before their accounts were compromised. While there is currently no confirmed evidence linking those emails directly to the reported support exploit, the timing has raised additional suspicion within the community.
Others are now warning players to avoid publicly sharing screenshots, digital receipts, order confirmations, or any transaction-related information that could potentially be used during account verification procedures.
Sony’s own existing security recommendations already advise users not to share account or transaction information publicly, though the company has not yet released a new official statement specifically addressing the recent wave of account takeover reports.
Past Security Controversies Add to the Backlash
The reported exploit has also reignited criticism surrounding previous PlayStation security controversies and account-related incidents from past years. Community members argue that account recovery systems should require significantly stronger verification steps, especially when changing ownership details or bypassing existing security protections.
Some players are now demanding temporary freezes on support-based account recovery until Sony confirms whether the reported exploit is legitimate and fully resolved.
Others are calling for mandatory identity verification systems, hardware authentication requirements, or stricter support escalation procedures before major account changes can be approved.
PlayStation Community Awaits Official Response
At the time of writing, Sony has not publicly confirmed the existence of the reported exploit or announced a dedicated fix. However, community pressure continues to grow as more users share concerns about the possibility of accounts being compromised without traditional phishing attacks or password leaks.
Many PlayStation users are now waiting for Sony to clarify whether the support verification process is being investigated and whether additional protections will be introduced in the near future.
Until then, players are being urged to keep transaction information private, monitor account activity closely, and remain cautious with any emails or account-related requests they receive.
Enjoy our updates? You can add GamingHQ as a preferred source in Google Search to see our articles more often.
