A recent PlayStation Network (PSN) hacking incident involving a journalist has revealed a major security flaw that could put many users in trouble.
A lot of PlayStation users have been hacked at some point; some users manage to get their account back, whereas unfortunate others have to leave behind all of their years’ worth of progress for a new account. Interestingly, some users are hacked again when trying to recover their accounts, and someone has now discovered a flaw that could be the cause.
PlayStation Network Accounts Can be Hacked With Just an Invoice Number and Your Username
A journalist at the French publication Numerama (translated by Google) has discovered a major security flaw with PlayStation Network. The report dives into an incident in which the journalist’s account was hacked despite 2FA protection. The user’s account login ID (email address) was changed, and he was charged €9.99 as the hacker had changed the username. The journalist was able to recover their account by getting support over the phone, but what’s interesting is the information they needed to retrieve it.
The report reveals that after spending some time on the call, all the information they needed to share was their PSN username and a transaction number from an old invoice; the year didn’t matter. With that, the journalist recovered their account; however, it was hacked again within an hour. This time, the user was unable to reach PSN support on the phone and decided to contact the hacker themselves by messaging their old PSN account from a new one.
The hacker was strangely cooperative and revealed that they had hacked the journalist’s PSN account “using a transaction number you posted on a page.” Turns out he had posted one of his bills in an old article, which the hacker could use to get access to the PSN account. The hacker also claimed to have “coded an app” to access Sony’s servers; however, that claim hasn’t been verified, as the promised video hasn’t been shared yet.
The journalist got on another call with PlayStation Network support, expressed his concerns about his account being hacked, and was then asked questions such as his date of birth, original email address, and original username. At the moment, their request is on hold, with the account seemingly suspended and a 5-10 day waiting period for a response.
In other news, PlayStation 5 was the US’s best-selling hardware in November 2025. Additionally, PlayStation Plus Game Catalog added nine games in December 2025. What are your thoughts on PlayStation Network’s major security flaw? Leave your thoughts down in the comments, and join the official Insider Gaming Discord server.
For more information from Insider Gaming, read about 007 First Light being delayed to May 2026. Don’t forget to sign up for our weekly newsletter.
This happened to me twice, once on November 7, 2025, and again on December 22, 2025.
This caused me to have a terrible anxiety attack even after recovering from the second invasion. I hope they fix this.