Skip to main content

Sony Found an ''Anonymous'' File on SOE Servers

PSN users aren’t the only ones wondering how the heck hackers were able to steal so much personal information from Sony servers. Late last week, the United States House of Representatives Subcommittee on Commerce, Manufacturing, and Trade sent a letter to Sony asking it to detail certain aspects of the breach and how it was dealing with the exposure of such a large amount of personal data.  

Today, Kazuo Hirai, Chairman of the Board of Directors of Sony Computer Entertainment America, submitted written answers to the questions via an open letter that details Sony's actions in dealing with the breach and subsequent data loss.

As with many of the blog posts, press releases, FAQs and Q&As Sony has posted in the last couple of weeks, there’s a lot of information in there that we already know. However, also included is some additional information that Sony had not previously disclosed. Indeed, Hirai revealed that Sony did not notice the hackers’ intrusion straight away.

"Almost two weeks ago, one or more cyber criminals gained access to PlayStation Network servers at or around the same time that these servers were experiencing denial of service attacks," Hirai wrote.

"The Sony Network Entertainment America team did not immediately detect the intrusion for several possible reasons. First, detection was difficult because of the sheer sophistication of the intrusion. Second, detection was difficult because the criminal hackers exploited a system software vulnerability. Finally, our security teams were working very hard to defend against denial of service attacks, and that may have made it more difficult to detect this intrusion quickly -- all perhaps by design.

"Whether those who participated in the denial of service attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know. In any case, those who participated in the attacks should understand that -- whether they knew it or not -- they were aiding in a well planned, well executed, large-scale theft that left not only Sony a victim, but also Sony’s many customers around the world."

Hirai goes on to give a more precise timeline of how Sony proceeded once it discovered the intrusion and explains why it took so long to notify users that personal data had been compromised (he gives the same explanation that the PlayStation Blog offered -- Sony simply didn’t know until April 25). He also mentions that the hackers deleted log files in order to hide the extent of their work and activity inside the network.

Perhaps most importantly, Hirai revealed that though the information of 77 million users was stolen, Sony only holds the credit card details of approximately 12.3 million users (5.6 million of them being U.S. customers). The company still has no evidence to suggest this information was stolen or compromised in some way -- the hacker made queries for information related to personal data such as name, home address, phone number, but Sony has not yet discovered any similar queries relating to credit card info -- and the company says it has received no communication from credit card companies to suggest there has been any fraudulent activity as a result of the PSN breach.

Finally, Hirai also stated in the letter that Sony’s investigations led to the discovery of a file titled 'Anonymous' which had been planted on SOE servers and contained the words "We are Legion." Anonymous has already stated publicly that it had nothing to do with the attack, which means there’s two likely explanations: Anonymous was lying and this was part of the group's attack on Sony over the GeoHot affair, or, someone else hacked PSN and SOE and tried to cover its tracks by leaving evidence that points to Anon. At any rate, Sony’s letter doesn’t specifically say it believes Anonymous is responsible, so we have to assume the company is still investigating who is behind this attack.

You can read the letter in full over on Flickr.

  • chick0n
    as much as I don't like the way Sony process/keep user's information, I guess its time to take these script kiddies down.

  • nforce4max
    Interesting how the hackers managed to gain access in the first place as for covering tracks why not already known a group that is well known. The fallout will continue for some time as it may push corporations and governments for more stringer controls over the net in general thus a crack down on activities it deems illegal.
  • mister g
    Personally unless they release this said document, I really wouldn't rush to beleieve that they've found a perpetrator (scapegoat) that quickly.
  • seboj
    If the theft was an actual AnonOp, they would own up to it publicly. They don't hide their exploits.

    More likely that someone used Anon's DDOS attack to help with their own theft, and left the file as a false lead.
  • TheWhiteRose000
    wasn't a second power created just recently to go after sony made of anon's.
    Due to the whole lawsuit with the jail breaker?
  • Well, there are things called undelete, and they can be done to any system and hard drive if you have it in your physical possession. I guess these kids didn't plan on that. LOL! This is why Sony hired a forensics team. They can get things off of burned up hard drives. Retrieving a file off a non-dead hard drive isn't going to be a problem. The thing is... Most people supported jail breaking and everything until this. The support for GeoHot (GeoNot) has gone in to the toilet. Because they aren't truly affecting a big company they are only hurting the people who use the services. Unlike his little stunt with jail breaking. This is considered criminal mischief as well as cyber terrorism. And since he announced he was joining with Anon... I guess they'll show up at his house eventually. Because unless these guys did more than just cover their tracks at Sony... There's a lot more logs out there to show where they've been and what they've been doing. XD It'll be funny to watch them all fry.
  • truchonic
    I knew it!!! for those guys we don't have psn
  • Seboj you're a retard. Yes, whoever hacked PSN please turn yourself in. Please trade your sheltered life of computers for one of ass-ramming 24/7 in prison.
  • MCFCBlue
    All i'm gonna say is Sony will just make a Hollywood film out of it and gain shed loads of money to sort out the entire mess. lol
  • We are Anonymous.

    We are Legion.

    We do not forgive.

    We do not forget.

    Expect us.