Wednesday, May 4, 2011

Sony blames vigilantes for breach

Sony has blamed the online vigilante group Anonymous for indirectly allowing the security breach that allowed a hacker to gain access to the personal data of more than 100m online game users.

In a letter to Congress, Sony said its network was breached at the same time as it was defending itself against a denial-of-service attack from Anonymous.

Denial-of-service attacks take servers down by overwhelming them with internet traffic.

Sony said that it had been the target of attacks from Anonymous because it had taken action against a hacker in federal court in San Francisco.

'We are legion'

It added that the attack that stole the data had been launched separately while it was distracted by the denial-of-service attack, and that it was not sure whether the organisers of the two attacks were working together.

Sony said that it had discovered on Sunday a file planted on one of its servers named Anonymous and featuring the line "We are legion", which is a phrase used by the group.

The vigilante group has denied being involved in the data theft.

In the letter to members of the House Commerce Committee, Kazuo Hirai, chairman of Sony Computer Entertainment America, defended the way that his company had dealt with the breach.

Sony discovered a breach in its Playstation video game network on 20 April but did not report it to US authorities for two days and only informed consumers on 26 April.

"Throughout the process, Sony Network Entertainment America was very concerned that announcing partial or tentative information to consumers could cause confusion and lead them to take unnecessary actions if the information was not fully corroborated by forensic evidence," the letter said.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Hud Settlement Statement

0 comments: