Sony partially blames online vigilante group Anonymous for data breach


This article was originally on a blog post platform and may be missing photos, graphics or links. See About archive blog posts.

Sony told U.S. lawmakers that the Internet vigilante group Anonymous indirectly allowed a network attack that exposed the personal data of millions of customers.

In a letter to the House Energy and Commerce Committee’s panel on commerce, manufacturing and trade, Sony said that it discovered a file planted on one of its servers named ‘Anonymous’ with the words ‘We are Legion,’ the tagline for the group that has brought down the websites of big corporations such as Visa, the letter said.


Sony’s network may have been breached while it was defending itself against a denial-of-service attack from Anonymous, Sony said. The online activists were protesting a civil suit Sony brought in federal court in San Francisco against a hacker.

“Whether those who participated in the denial-of-service attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know,” the letter said.

‘Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack designed to steal personal and credit card information for illegal purposes,” the letter said. Sony said the company earned of the first breach on April 19 and shut down the PlayStation Network the following day. The company informed account holders that their personal data was potentially exposed about a week later.

In response, Anonymous released a statement Wednesday denying the allegations, but did allow that individual members may have been involved.

‘Sony is incompetent,’ the group said. ‘While it could be the case that other Anons have acted by themselves AnonOps was not related to this incident and takes no responsibility.’

Also on Wednesday, U.S. Atty. Gen. Eric Holder told the Senate Judiciary Committee that the Justice Department had opened an investigation into ‘those hacking situations that have gotten publicity over the last few weeks, the Sony incident among them.’


New York Atty. Gen. Eric Schneiderman on Wednesday subpoenaed three Sony divisions -- Sony Computer Entertainment, Sony Network Entertainment and Sony Online Entertainment -- for documents regarding their security, CNBC reported.


U.S. attorney general launches probe into Sony data breach

Sony says hacker may have stolen information from 24.6 million additional accounts

Sony says PlayStation Network credit-card data was encrypted

-- Shan Li