Sony: Hacker group Anonymous played a part in PlayStation records breach
Denial-of-service attack provided cover, company tells Congress
- By Kevin McCaney
- May 05, 2011
A distributed denial-of-service attack, possibly committed by the hacker group Anonymous, contributed to the breach of Sony’s PlayStation network and Qriocity music service that exposed personal records on tens of millions of users, Sony’s chairman has written in a letter to Congress.
The breach in mid-April, which exposed records on 77 million users, was followed almost immediately by another that exposed personal information on 24.6 million users.
In his letter to Congress, Kazuo Hirai said Sony had been hit by “a very carefully planned, very professional, highly sophisticated criminal cyberattack.” While investigating the first attack, security teams found a file on a server titled “Anonymous” and containing the hacker group’s slogan, “We Are Legion.” The DDOS attack hammered the network and covered up the breach activity.
Sony says PlayStation users' data protected, but take precautions anyway
Anonymous followers had claimed credit for the first DDOS attack, saying they broke it off after complaints from Sony network users, according to a report in Infosec Island. Anonymous has since said it had nothing to do with the second breach.
The Homeland Security Department’s U.S. Computer Emergency Readiness Team is assisting with the investigation of the attacks.
Information exposed in the first attacks included names, addresses, e-mail addresses and phone numbers, but the company said users’ credit card information was encrypted and apparently not taken.
The second attack, however, may have netted 12,700 credit or debit card numbers in countries outside the United States, along with 10,700 direct debit records of users in Austria, Germany, the Netherlands and Spain, according to a report in Security.
In his letter, Hirai’s says that credit card companies had not reported any fraudulent transactions related to the breaches.
The extent of Anonymous’ role in the attacks isn’t clear, but Hirai said the group is at least partly to blame, noting that the group had hit Sony with a denial-of-service attack several weeks before the breach.
He wrote that the company doesn’t know if the people who took part in the attack “were conspirators or whether they were simply duped into providing cover for a very clever thief,” but that, “whether they knew it or not – they were aiding in a well-planned, well-executed, large-scale theft that left not only Sony a victim, but also Sony's many customers around the world.”
Kevin McCaney is a former editor of Defense Systems and GCN.