Sony claims Anonymous attack in letter to U.S. Representatives

The attack on PlayStation Network was a “very carefully planned, very
professional, highly sophisticated criminal cyber-attack designed to
steal personal and credit card information for illegal purposes
,” Sony Computer Entertainment asserted in a letter to members of Congress.

From the Associated Press:

Sony first disclosed the
attack last week and said it may have compromised credit card data,
email addresses and other personal information from 77 million user
accounts. On Monday, Sony said data from an additional 24.6 million
online gaming accounts also may have been stolen.

The company
has shut down the affected systems while it investigates the attacks
and beefs up security. (Sony Computer Entertainment Chairman Kazuo) Hirai said Sony is working “around the clock to
get the systems back up and to make sure all our customers are informed
of the data breach and our responses to it.”

Hirai also asserted in the letter that his company’s investigation found “the intruders had planted a file on one of those servers named ‘Anonymous’ with the words  ‘We Are Legion.'”

Anonymous known for its hacking or “hacktivist” attacks on whomever its members (?) don’t like, threatened Sony in an April 3 posting on the AnonOps Communications blog after Sony pursued legal action against George Hotz, AKA Geohot, the hacker who figured out and told the world how to jailbreak the PlayStation 3.

Sony and Geohot settled out of court, but not until after Sony won a federal magistrate’s approval to subpoena Geohot’s Internet provider to learn who visited his site.

Nonetheless, an April 24 posting headlined “For Once We Didn’t Do It” on AnonOps denies any official Anonymous attack on PlayStation Network. Whoever wrote the post, however, acknowledged that wildcat “Anons” may have acted on their own volition.

I honestly have no idea how Anonymous functions and if it can even be described accurately as an “organization.” What I do know, however, is that Sony has already confirmed that whoever is responsible for the data breach would have been able to access users’ identifying information, which is never a pleasant thought for anyone whose data could be compromised.

The oft-irreverent Gawker reports Anonymous fears a “nerd backlash” following allegations that their members (again, ?) are responsible for keeping gamers away from online play.

Anonymous has come to realize that attacking Sony’s PlayStation
Network alienates a powerful group of potential supporters: nerds. The
point was proved after Anonymous launched an unrelated attack on Sony in early April that briefly took down the PlayStation Network, in retaliation for Sony suing
a kid who bypassed the Playstation 3’s security systems. The attack
sparked a nerd backlash which crippled Anonymous chat servers with
retaliatory strikes and was generally a PR disaster.

“All the Sony kids were flooding the [Anonymous chat servers] and
whining and complaining,” said Gregg Housh an activist associated with
Anonymous. An attack on Sony’s PlayStation Network “pisses off a lot of
people they want as fans not enemies.” A similar concern was voiced last
December when Anonymous contemplated attacking Amazon in revenge for it
banning Wikileaks: One reason for not attacking was concern that the attack might anger people who were trying to do holiday shopping.

(Hotlinks in original.)

Sony has not reported the confirmed compromising of credit card data and asserts major credit card companies have not notified Sony of any fraudulent activity likely to be rooted in the April data breach.