Overview
- French journalist Nicolas Lellouche reports his PlayStation Network account was taken over even with a passkey and two-factor authentication enabled.
- The intruder changed the account’s email and password and made an unauthorized purchase, and the account was seized again after an initial recovery through support.
- Lellouche says the attacker succeeded using only his username and a transaction ID visible in an old screenshot of a purchase invoice.
- Additional users have described similar takeovers, with reports that support sometimes accepts last payment-card digits or a console serial number to verify ownership.
- Sony has not issued a public response, and outlets advise users to avoid sharing invoices or transaction screenshots and to watch linked payment methods for charges.