BreachExchange mailing list archives
Sony Hack Probe Uncovers ‘Anonymous’ Calling Card
From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Wed, 4 May 2011 15:16:45 -0400
http://www.wired.com/gamelife/2011/05/sony-playstation-network-anonymous/ In the course of its investigation into the PlayStation Network security breach, Sony discovered a file that makes a clear reference to the “Anonymous” hacking group. In a letter to the U.S. House of Representatives on Wednesday, Sony said a file named “Anonymous,” containing the words “We Are Legion,” was left behind by the intruders who gained access to the servers of Sony Online Entertainment, the company’s game development and distribution arm. The intruders in that breach compromised information on 24.6 million users, as well as 20,000 credit card and bank account numbers. Sony discovered the SOE breach on Sunday while investigating an earlier attack that compromised information on 77 million accounts from Sony’s PlayStation Network and Qriocity services in April. Anonymous has not been linked to the PlayStation Network breach — the first one detected — but Sony noted that both breaches took place in the same time frame, which also corresponded with a denial-of-service campaign launched by Anonymous in retaliation for Sony’s lawsuit against PlayStation tinkerer George Hotz. Members of the House Committee on Energy and Commerce held a hearing Wednesday to address the subject of data theft and its potential impact on consumers. Sony Computer Entertainment CEO Kaz Hirai did not attend, but sent written responses to the House subcommittee. Sony summarized the content of Hirai’s letter on its official PlayStation blog, saying that it had suffered from a “very carefully planned, very professional, highly sophisticated criminal cyber attack.” Sony said it knew how the intrusion was accomplished, but not who was responsible. Photo copies of the letter, which details the company’s actions over the past two weeks and says Sony acted with “care and caution” while deciding how to act and when to inform companies of the security breach, was also made available. On the afternoon of April 20, Sony first discovered evidence of an unauthorized intrusion, it said in the letter. It then took down the PlayStation Network servers. Over the next five days, the company hired multiple security firms and forensic teams to determine the scope of the breach. On April 25, Sony found that hackers could have obtained personal information for 77 million PSN accounts, of which it informed customers the following day. Sony did not inform customers prior to April 26 because it did not want to “cause confusion and lead [customers] to take unnecessary actions,” the company said. Major credit card companies have still not reported any fraud that they believe is directly related to the attack, Sony said, adding that 12.3 million customers had credit card information stored on the PlayStation Network, including 5.6 million in the United States. Sony says those credit card numbers were stored encrypted. On Monday, Sony added that its Sony Online Entertainment services had also been affected by the hack, and that hackers may have obtained personal information for its 24.6 million users. As of Wednesday, the company’s Facebook and other online game services have not been taken back online. Sony said that it plans to bring some of PlayStation Network’s services back up this week. As a goodwill gesture, customers will receive 30 free days of PlayStation Plus as well as a variety of free downloads. _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Learn encryption strategies that manage risk and shore up compliance. Download Article 1 of CREDANT Technologies' The Essentials Series: Endpoint Data Encryption That Actually Works http://credant.com/campaigns/realtime2/gap-LP1/
Current thread:
- Sony Hack Probe Uncovers ‘Anonymous’ Calling Card Jake Kouns (May 05)