Sony reveals 'Anonymous' file was found on entertainment servers

Summary:Sony's problems are far from over, but at least PlayStation Network subscribers finally getting some of the in-depth answers they have been waiting for.

Sony's problems are far from over, but at least PlayStation Network subscribers finally getting some of the in-depth answers they have been waiting for.

In response to a U.S. House of Representatives subcommittee meeting about “The Threat of Data Theft to American Consumers," Sony Computer Entertainment America's chairman of the board Kazuo Hirai submitted a statement with the following key points that reveal more details about the cyber attack that brought down PSN:

  • Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack.
  • We discovered that the intruders had planted a file on one of our Sony Online Entertainment servers named “Anonymous” with the words “We are Legion.”
  • By April 25, forensic teams were able to confirm the scope of the personal data they believed had been taken, and could not rule out whether credit card information had been accessed. On April 26, we notified customers of those facts.
  • As of today, the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber attack.

Sony has been on the defensive with its customers about the gravity of the situation. It took Sony over a week to inform customers that personal data had been stolen.

The hacker group Anonymous claimed responsibility for an outage earlier in April but later denied having a hand in this latest event. Given Sony's testimony, it would seem that Anonymous was in fact involved this time around. However, Sony has refrained from stating outright that the group is responsible. It also does not cite Anonymous as the direct culprit for the latest security vulnerability in which an additional 24.6 million accounts were exposed. But given the calling card left on the server, it's hard to believe that Anonymous didn't have some part in this.

Sony reps said they have followed a series of guidelines to deal with the long-term outage, namely "Provide relevant information to the public when it has been verified." To be fair to Sony, that's the right call. While Sony should have been a little more open with its customers as to what was going on, it was better not to stir up trouble and upset people without all the facts.

At least some of the PSN services are back online again, such as Music Unlimited, but not everything is back to normal yet. The way things are going for Sony lately, it's likely that the PlayStation Network and Online Entertainment services won't be normal again for a very long time.

Related coverage on ZDNet:

Topics: Hardware, Security

About

Rachel King is a staff writer for CBS Interactive based in San Francisco, covering business and enterprise technology for ZDNet, CNET and SmartPlanet. She has previously worked for The Business Insider, FastCompany.com, CNN's San Francisco bureau and the U.S. Department of State. Rachel has also written for MainStreet.com, Irish Americ... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.