Sony offers more details on data theft

Sony is stopping short of making direct accusations, but pointed an accusatory finger at the collective group of hackers who go by ‘Anonymous’. Kaz-hirai

The company, in a letter written to the House Subcommittee on Commerce, Manufacturing and Trade, said it does not yet know who was behind the attack, but it had found a file planted on the server of Sony Online Entertainment named “Anonymous”. (SOE just yesterday announced it had discovered hackers had accessed and stolen information from 25 million accounts.)

“When Sony Online Entertainment discovered this past Sunday afternoon that data from its servers had been stolen, it also discovered that the intruders had planted a file named ‘Anonymous’ on one of those servers, a file containing the statement ‘We are Legion’,” wrote Kazuo Hirai, chairman of the board of Sony Computer Entertainment America.

The letter was written in response to a series of questions the Committee had about the data breach, which has resulted in the personal information of over 100 million customers being stolen. Rather than attending the hearing in person, Hirai sent an eight-page note offering a timeline of events and addressing why the company had waited as long as it did to alert customers.

“I am of course aware of the criticism Sony has received for the time taken to disclose information to our customers,” he wrote. “I hope you can appreciate the extraordinary nature of the events the company was facing. … Throughout the process, Sony Network Entertainment America was very concerned that announcing partial or tentative information to consumers could cause confusion and lead them to take unnecessary actions if the information was not fully corroborated by forensic evidence.”