Update []:
Hours after going public about the hack, Sacred Symbols host Colin Moriarty has confirmed his account was retrieved.
While this is good news, Moriarty acknowledges that his status and connections played a big part in the recovery of his account here.
Clearly there are procedures and protocols that need to be improved to prevent this from happening to others.
Original Story: A prominent PS5 podcaster’s PSN account has been hacked, amplifying ongoing concerns of “social engineering” which have been circulating within the PlayStation fanbase.
Colin Moriarty, the founder and creator of the Sacred Symbols podcast and ex-IGN PlayStation editor, took to social media today to confirm that he’s lost access to his account.
Eerily, he was warned that he was a target just hours before his account was commandeered by hackers.
Moriarty’s podcast has been contacted by several PS5 players over the past year or so, all reporting a similar situation. It’s possible he became a target because of his coverage of the topic.
According to the Sacred Symbols host he wasn’t phished and did not input his sensitive data somewhere he shouldn’t. “I’m positive of this,” he says.
Moriarty reveals he randomly got a text message saying his email address had been changed and that two-factor authentication had been disabled. His compromised account was subsequently used to contact co-host Dustin Furman, saying “you’re next”.
A lot of this echoes a sprawling report published by French journalist Nicolas Lellouche last year.
After his account was compromised in a similar manner to Moriarty’s, he decided to do some digging and discovered that PSN accounts may be the target of a “social engineering” scheme.
Essentially, his article hypothesises that hackers can gain full access to your account by providing customer service representatives with minimal information – in this instance, a transaction ID.
Lellouche says he exposed this information publicly in an article he wrote in 2023, which he believes was discovered by hackers and used as a means to access his account.
I contacted Moriarty to ask if he’s ever inadvertently shared any receipts or transaction IDs in the past, and he told me it’s possible but he’s not sure when.
Assuming this is the case, then I hope there’s an alarm ringing at PlayStation right now.
Obviously, customer service needs to be quick and seamless, but if stringent security checks aren’t in place, then we end up in situations like this.
Moriarty’s status within the PlayStation fanbase likely means there’ll be a swift resolution here, but not everyone will have the same luck.
With years of playtime and potentially thousands of dollars of digital purchases on the line, Sony has to ensure its security is rock-solid and that it’s keeping its customers safe.
