Sony blames Anonymous distraction for breaches

Sony says it was distracted by an Anonymous DDoS when hackers stole details on over 100 million customers.

PlayStation

Hacktivist group Anonymous has been partially blamed by Sony for the data breaches which hit over 100 million customers last month.

In a letter to Congress, Sony said it had to cope with a significant distributed denial of service (DDoS) attack when hackers took personal data possibly including credit card details of Playstation Network (PSN) gamers.

Sony claimed it was targeted by Anonymous due to action the electronics firm took against a hacker in a San Francisco federal court.

"Whether those who participated in the denial of service attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know," the letter written by Kazuo Hirai, chairman of Sony's board of directors, read.

"Those who participated in the denial of service attacks should understand that whether they knew it or not they were aiding in a well planned, well executed, large-scale theft that left not only Sony a victim, but also Sony's many customers around the world."

The company said it had found a file on one of its servers containing a line of Anonymous' signature, "We are Legion."

A message addressed to Sony on AnonNews.org purporting to be from Anonymous indicated it had indeed targeted the Playstation creator for chasing down hackers.

"Your recent legal actions against fellow internet citizens, GeoHot and Graf_Chokolo, have been deemed an unforgivable offense against free speech and internet freedom," the message read.

"Anonymous is attacking your private property because we disagree with your actions."

Getting defensive

In his letter to the House Commerce Committee, Hirai also sought to defend Sony's response to the hacks following criticism of how quickly it told customers about the breach.

Sony discovered unauthorised access to PSN data on 20 April. It didn't notify users until almost a week later on 26 April.

Hirai said the complexity of the breach had led to the delay in telling customers, as it sought to understand the scope of the hack and what data had been accessed.

"Throughout the process, Sony Network Entertainment America was very concerned that announcing partial or tentative information to consumers could cause confusion and lead them to take unnecessary actions if the information was not fully corroborated by forensic evidence," Hirai said.

He said Sony believed it now understood how the hack happened, but did not go into detail due to the ongoing criminal investigation and the need to protect systems with "similar architecture to the Playstation Network."

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19
Security

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19

24 Nov 2020
350,000 Spotify users hacked in credential stuffing attack
Security

350,000 Spotify users hacked in credential stuffing attack

24 Nov 2020
WAPDropper malware hooks you up to premium telecoms services
Security

WAPDropper malware hooks you up to premium telecoms services

24 Nov 2020
VMware sounds alarm over zero-day flaws in multiple products
Security

VMware sounds alarm over zero-day flaws in multiple products

24 Nov 2020

Most Popular

macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020
How computing has revolutionised Formula 1
Sponsored

How computing has revolutionised Formula 1

11 Nov 2020