Cybercriminals left a file in the name of "hacktivist" group "Anonymous" on the servers of Sony's online entertainment network, the Japanese company said Wednesday, but it stopped short of directly accusing the Internet vigilantes of carrying out the attack.
Sony, in a letter to a US congressional committee investigating data theft, provided its most detailed explanation yet of the hacker attacks on Sony Online Entertainment, the PlayStation Network and Qriocity streaming music service.
Personal information such as the user names, passwords, addresses and birth dates of more than 100 million people may have been compromised in the attacks and the intruders may also have made off with credit and debit card data.
Committee chairman Mary Bono Mack, a Republican from California, criticized Sony for declining to attend the hearing, calling its decision "unacceptable," and said it should have notified customers sooner of the data breach.
Mack said Sony claimed it was "too busy" with its ongoing investigation to appear, but Sony Computer Entertainment America chairman Kazuo Hirai did respond to questions from US lawmakers in a letter to the committee.
Sony, in the letter to the House Subcommittee on Commerce, Manufacturing and Trade, noted that the large-scale data theft came shortly after the PlayStation Network suffered distributed denial of service (DDoS) attacks from the loose knit group of "hacktivists" known as Anonymous.
Anonymous, which carried out attacks last year against US companies which withdrew services to WikiLeaks, had vowed retribution against Sony for taking legal action against hackers who cracked PlayStation 3 (PS3) defenses to change console operating software.
Anonymous argues that PS3 console owners have the right to do what they want with them, including modifying them.
In a typical DDoS attack, a large number of computers are commanded to simultaneously visit a website, overwhelming its servers, slowing service or knocking it offline completely.
Anonymous took credit for the DDoS attacks but denied involvement in the data theft.
Sony's Hirai, in his letter, said "what is becoming more and more evident is that Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyberattack designed to steal personal and credit card information for illegal purposes."
He said intruders who stole data from Sony Online Entertainment servers "had planted a file on one of those servers named 'Anonymous' with the words 'We are Legion,'" the Anonymous motto.
"Just weeks before, several Sony companies had been the target of a large-scale, coordinated denial of service attack by the group called Anonymous," Hirai noted.
"Almost two weeks ago, one or more cybercriminals gained access to PlayStation Network servers at or around the same time that these servers were experiencing denial of service attacks," he said.
"Whether those who participated in the denial of service attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know," the Sony executive said.
"In any case, those who participated in the denial of service attacks should understand that - whether they knew it or not - they were aiding in a well planned, well executed, large-scale theft that left not only Sony a victim, but also Sony's many customers around the world," he said.
Sony also said it was cooperating with the Federal Bureau of Investigation and private forensics companies in investigating the data theft, which has led Sony to temporarily shut down the PlayStation Network.
The PlayStation Network connects PS3 consoles to online games, films and more. Players are still able to take part in games offline on consoles, but have lost the ability to challenge others on the Internet.
The PlayStation Network was launched in November 2006 and boasts about 77 million registered users worldwide.
Sony said it discovered the initial breach between April 17 and April 19 and shut down the network on April 20, but has faced criticism for not disclosing it until a week later.Reuse content