Just days after most services for PlayStation Network were brought back online, it appears a new exploit has been discovered that allows hackers to change users' passwords with the data stolen during the break-in to the service last month.

The Web sites that allow PSN users to sign in and reset their passwords have since been taken offline, as the graphic above from PlayStation.com shows. This problem reportedly does not affect the ability to sign in via a PlayStation 3 or PlayStation Portable, just some Sony Web sites.

The report comes from gaming blog Nyleveia, which posted a warning to PSN users that their passwords might not be safe and contacted Sony about it.

Another blog, Eurogamer, says it confirmed the exploit, which allows someone to reset your password by knowing your e-mail address used for the account and date of birth. That information is known to be among the data belonging to 100 million users of Sony's gaming services that was exposed between April 17 and 19 in the second-largest security breach in U.S. history.

Eurogamer says users that changed the e-mail address connected to the PSN account after PSN was restored this weekend should not be at risk.

Yesterday, speaking to a handful of reporters, Sony CEO Howard Stringer admitted that while the company had rebuilt the security for PSN during the three weeks it was unavailable, no system could be guaranteed "100 percent secure."

Update 11:12 a.m. PT: Sony spokesman Patrick Seybold wrote today in a blog post that Sony "temporarily took down the PSN and Qriocity password and reset page." There was "no hack," he emphasized, but a "URL exploit that we have subsequently fixed."

At the time of this update, PlayStation.com and Qriocity.com log-in pages were still inaccessible.

The PlayStation Store will return to PlayStation Network on May 24, 2011, Sony has told its PlayStation Network developer and publishing partners. According to the memo, Sony will update the PlayStation Store two times a week for the next two weeks to catch up on the weekly updates they’ve missed.

“We thank you for your patience as we work to resume service of the PlayStation Store,” wrote PlayStation Network content manager Jack Osorno in the message.

The first content update, due May 24, will publish content originally scheduled for April 26. The second, on May 27, will publish content scheduled for May 3. The next two, on May 31 and June 3, will publish content originally scheduled to release over the following three weeks.

“If there are concerns, we are willing to consider adjusting the release date of your content on this schedule,” said Osorno. “Adjustments will be made on a case by case basis.”

The return of the PlayStation Store is one of the final steps in complete restoration of the PlayStation Network. Online play functionality returned last weekend.

About a month after Sony's PlayStation Network was hacked, exposing the account information of 100 million users, Sony faces a series of smaller hacks across the company's systems.

So-net Entertainment Corp, a subsidiary of Sony, discovered that a hacker stole about $1,225 worth of customers' redeemable gift points, according to the Wall Street Journal. That same day, security firm F-Secure found that Sony's Thailand server was running a live phishing scam.

So-net does not believe the breach on its systems was connected to the PSN hack. The company reported that an intruder tried 10,000 times to access the So-net point service, which gives customers gift points that can be exchanged for products. So-net said that the intruder likely had usernames for accounts and proceeded to use software that generated passwords in the attempts of finding the right one. Points were redeemed from 128 customer accounts, and another 73 accounts and 90 email accounts were accessed.

In the case of Sony Thailand, The Next Web confirmed that the phishing site hosted on the hdworld.sony.co.th URL was the result of a hack, likely through some security weakness in the server's infrastructure.

Earlier this week, Sony was forced to take down sign-ins across the PlayStation Network due to a vulnerability in the password reset page that allowed hackers to get into user accounts using only an email address and a date of birth.

While none of these breaches near the magnitude of the original PlayStation Network breach, it seems perhaps that such vulnerabilities are only now being discovered because of the scrutiny the company and its systems have come under following the PSN hack. Experts believe that Sony is only one of many companies that must improve its security to prevent further attacks, and that without such measures, similar hacks will happen again.

"It's a realization that we all had, that no system is 100 percent safe," Kazuo Hirai, the Sony exec managing the breach said at a briefing earlier this week. "This requires constant monitoring and constant vigilance."

Sony won’t be relaunching the PlayStation Store until next week, but it’s already running into trouble. First, its plans got leaked to the press, scuttling any chance of a stealth restart. But the big blow came when Microsoft’s Xbox announced a deal with PayPal giving consumers a proven, secure alternative to PSN.

Sony is hoping that this week’s return of PSN and next week’s restore of the store will let it put its massive security breach behind it. But flubs with the relaunch as well as a second round of hacking are making it difficult for consumers to forget last month’s theft of personal information for 100 million Sony users.

The Xbox software update is perfectly timed to make the most of that. Microsoft’s Larry Hryb, better known to gamers as Major Nelson, formally announced the update on his blog:

I am happy to announce that, as a part of a new Xbox 360 System Update, we’re expanding our integration with PayPal to allow US and international Xbox LIVE users to make purchases on their Xbox 360 consoles with their PayPal accounts.

Users had been able to use PayPal before this but only to buy Xbox points — which could only be used for downloadable game add-ons. Under the new arrangement users will be able to buy everything — including games and subscriptions.

Raise club, beat Sony

The move allowed Microsoft to very clearly show that it wasn’t standing still on security issues even though its network hasn’t been hacked yet. Using PayPal instead of direct credit card payments would serve as an added layer of security if the network got hacked. Add to that PayPal’s reputation for having very exacting security standards and you make a compelling case for not going with PSN.

As Joe Wilcox of the game news site BetaNews put it, “PayPal is a huge addition for Xbox Live, as available on a nearly global basis (based on number of countries). I tend to use PayPal wherever possible, rather than a credit card number. Did you hear that, Sony?”

The timing of the announcement was also good for Xbox and bad for PSN.

It came on the heels of publication of a leaked memo to Sony’s game developer and publishing partners. While the memo contained no damaging news, the fact that it got out only reinforced Sony’s current image as a gang that can’t shoot straight. In the memo, PSN content manager Jack Osorno thanked the partners for their patience and laid out a plan to do two content pushes per week to catch up with the backlog of content.

It is worth noting what wasn’t in the memo: any plans for Sony may have to assist developers who were hit by the outage. Also worth noting: PSN is still not running in Japan where the government is demanding a better explanation of what security steps Sony is taking.

More bad news for Sony as the embattled electronics company struggles to reassure its customers that its systems are safe after a major hacker attack brought down the Sony PlayStation Network and Online Entertainment for three weeks.

Reports surfaced Sunday and Monday that the company has suffered another breach, this time through its music services in Greece and Japan.

The security company Sophos and the Hacker News identified two attacks on Sony’s music sites in Greece and Japan. The Greek attack, which occurred Sunday, is believed to have leaked some user information including names and some passwords. Sophos encouraged Greek users to reset their passwords.

The Japanese attack, believed to have occurred Monday by the group Lulz Security, accessed user databases on the sites. The hackers left a message saying that the attacks weren’t difficult to carry out and were meant to embarrass Sony.

“Stupid Sony, so very stupid,” the message said before linking to two unprotected Sony databases.

According to Sophos, the leaked database information does not contain names, passwords or other personally identifiable information.

Since the initial attacks, Sony has also found a security weakness on its password reset page, been the target of a phishing scam through its home page in Thailand, and seen one of its ISP subsidiaries robbed for about $1,200 in virtual tokens. The reports follow a grim financial forecast that predicts the company will show a $3.2 billion annual loss this year, and that the breaches have already cost the company, $171 million to fix.

Meanwhile, gamers are waiting for the PlayStation Store to come back online to redeem the “Welcome Back” packages Sony offered as compensation for downtime on the Sony PlayStation Network, Qriocity music service and Sony Online Entertainment