PSN HACKED

Here’s the latest on the ongoing PSN account hacking issue (as of May 21, 2026).

What’s Happening Right Now

The problem is not a traditional data breach or mass password leak. It’s a social engineering attack targeting Sony’s customer support process. 

Hackers are successfully taking over accounts — even those protected by 2FA or passkeys — by impersonating the real owner.

How the hack works (confirmed across multiple reports):

1. They only need two pieces of information:
• Your public PSN ID (online ID/handle — the one visible on your profile, tweets, Discord, etc.).
• One piece of old transaction data from a past PlayStation Store purchase (usually a full order/invoice number, or sometimes just the last 4 digits of the card used).
2. They contact Sony Support (phone, chat, or even the “PlayStation Online Assistant” chatbot) and present this info as “proof of ownership.”
3. Support agents often grant the request to change the account’s email address or reset security settings.
4. Once they control the email, they disable 2FA, lock you out, make purchases, or sell/steal the account.

This method has been reported for months but gained major attention this week after high-profile cases.

High-Profile Case: Colin Moriarty (May 18, 2026)

Prominent PlayStation podcaster and journalist Colin Moriarty (Sacred Symbols / Last Stand Media, ex-IGN) was targeted.

• He received an advance warning from another victim: “Colin, I’m just warning you. They have your information and they are going to try to take your account today.”
• His account was compromised shortly after, despite having 2FA enabled and having recently changed his password.
• Hackers changed his email, disabled 2FA, and used his account to message his co-host Dustin Furman saying “You’re next.”
• Moriarty regained access relatively quickly by leveraging industry connections at Sony and first-party studios. He publicly acknowledged that most regular users don’t have this advantage and could lose access (and thousands of dollars in games) for much longer.
• He described it as part of an “ongoing sophisticated series of moves against both random and ‘prominent’ users.”

This case has reignited discussion because it shows even careful, high-profile users with 2FA are vulnerable.

Current Scale & Sony’s Response

• Reports are flooding in on Reddit, X, and gaming sites. Some users have lost access to libraries worth $10,000–$20,000+.
• The issue appears to be ongoing and possibly escalating, with both random users and community figures being targeted.
• Sony has not issued a major public statement specifically addressing this wave. Their general support page for compromised accounts exists, but critics say the company has been relatively silent on fixing the root support verification flaw.

How to Protect Yourself (Practical Steps)

Here’s what the community and reports recommend right now:

• Hide or minimize your PSN ID publicly — Don’t display it on social media, Discord, profiles, or streams if possible. Many are making theirs private or less obvious.
• Never share or post transaction/order numbers or receipts — Even in private chats or Discord. Delete old ones or heavily obscure them.
• Enable Passkey (biometric sign-in) — Sony recommends this as stronger than traditional passwords + 2FA. It’s harder for support social engineering to bypass in some cases.
• Turn on “Require Password at Checkout” in PlayStation Store settings.
• Use a strong, unique password and keep 2FA on (it’s still better than nothing, even if bypassable here).
• Regularly check your account activity and sign out of all devices if you suspect anything.
• Consider using a secondary/alias email just for your PSN sign-in ID.

If your account is already compromised:

• Contact PlayStation Support immediately (use the official site link).
• Change the password on the email linked to your PSN account right away.
• Monitor bank/credit card statements for unauthorized charges.
• Recovery can take time for average users — act fast.

Official Sony Support Page

Sony has guidance here: PlayStation Support – Compromised Accounts & Unauthorized Charges

It covers checking transactions, recovering access, and what to do if you see strange emails or charges.

Bottom line: This is a real, ongoing vulnerability in how Sony’s support verifies account ownership. The best defenses right now are not sharing your PSN ID or transaction details publicly and using the strongest sign-in methods available (Passkey + strong practices).