Sony partially blames online vigilante group Anonymous for data breach

May 4, 2011 3:34 PM PT

This article was originally on a blog post platform and may be missing photos, graphics or links. See About archive blog posts.

Sony told U.S. lawmakers that the Internet vigilante group Anonymous indirectly allowed a network attack that exposed the personal data of millions of customers.

In a letter to the House Energy and Commerce Committee’s panel on commerce, manufacturing and trade, Sony said that it discovered a file planted on one of its servers named ‘Anonymous’ with the words ‘We are Legion,’ the tagline for the group that has brought down the websites of big corporations such as Visa, the letter said.

Sony’s network may have been breached while it was defending itself against a denial-of-service attack from Anonymous, Sony said. The online activists were protesting a civil suit Sony brought in federal court in San Francisco against a hacker.

“Whether those who participated in the denial-of-service attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know,” the letter said.

‘Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack designed to steal personal and credit card information for illegal purposes,” the letter said. Sony said the company earned of the first breach on April 19 and shut down the PlayStation Network the following day. The company informed account holders that their personal data was potentially exposed about a week later.

In response, Anonymous released a statement Wednesday denying the allegations, but did allow that individual members may have been involved.

‘Sony is incompetent,’ the group said. ‘While it could be the case that other Anons have acted by themselves AnonOps was not related to this incident and takes no responsibility.’

Also on Wednesday, U.S. Atty. Gen. Eric Holder told the Senate Judiciary Committee that the Justice Department had opened an investigation into ‘those hacking situations that have gotten publicity over the last few weeks, the Sony incident among them.’

New York Atty. Gen. Eric Schneiderman on Wednesday subpoenaed three Sony divisions -- Sony Computer Entertainment, Sony Network Entertainment and Sony Online Entertainment -- for documents regarding their security, CNBC reported.

Sony says hacker may have stolen information from 24.6 million additional accounts

Sony says PlayStation Network credit-card data was encrypted

-- Shan Li

Technology Blog

Shan Li

Shan Li covered the retail and restaurant industries for the Los Angeles Times. She previously reported on the California economy and the technology sector. A Texas native, she graduated from the business school at New York University, where she decided journalism was much more interesting than a job on Wall Street. She left The Times in 2017.

Sony partially blames online vigilante group Anonymous for data breach

These are the California cities where $150,000 still buys you a home. Could you live here?

How the Birkin bag, the ultimate fashion trophy, became criminal currency

Nix the oven? A skinny fridge? Tips on designing a tiny kitchen in your ADU

Reggie Bush and USC get Heisman Trophy back 14 years after it was forfeited

Plaschke: Dagger! Lakers’ epic collapse vs. Nuggets could send them reeling into summer