May 6, 2011

‘Anonymous’ Denies Role In Sony Network Breach

The Internet activist group Anonymous denied any involvement in a cyber-attack on Sony Corp.'s networks that exposed the personal data of more than 100 million PlayStation and Online Entertainment network accounts.

"Let's be clear, we are legion, but it wasn't us. You are incompetent Sony," wrote Anonymous on its blog (anonops.blogspot.com) on Thursday.

Sony had claimed that its video game network was breached at the same time it was defending itself against a major denial of service (DoS) attack by Anonymous. Although the company stopped short of directly accusing Anonymous of conducting the data theft, it said the grass roots "hacktivist" group did bear some responsibility.

A DoS attack typically involves large numbers of computers that simultaneously visit a certain website, overwhelming its servers and slowing or shutting down service.

Anonymous strongly disputed any suggestion it was involved in the breach.

"We are trying to fight criminal activities by corporations and governments, not steal credit cards," Anonymous said in a statement published on a Facebook page.

"Anonymous has never been known to have engaged in credit card theft," the statement read.

"If a legitimate and honest investigation into the credit card theft is conducted, Anonymous will not be found liable."

Anonymous carried out cyber-attacks last year against U.S. companies that withdrew services to WikiLeaks, and had pledged retribution against Sony for taking legal action against hackers who altered the console operating software of Sony's PlayStation 3.

In the letter sent on Wednesday to the House Subcommittee on Commerce, Manufacturing and Trade, Sony pointed out that the breach of its network came shortly after the PlayStation Network suffered the DoS attacks from Anonymous.

"Whether those who participated in the denial of service attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know," the letter read.

"In any case, those who participated in the denial of service attacks should understand that -- whether they knew it or not -- they were aiding in a well-planned, well-executed, large-scale theft that left not only Sony a victim, but also Sony's many customers around the world."

Personal data, including user names, passwords, addresses and birth dates, of some 100 million accounts may have been compromised by the breach.  The perpetrators may also have also stolen credit and debit card data.

But Anonymous insisted that the group does not engage in such data theft.

"While we are a distributed and decentralized group, our 'leadership' does not condone credit card theft," the group said in their statement.

"We are concerned with erosion of privacy and fair use, the spread of corporate feudalism, the abuse of power and the justifications of executives and leaders who believe themselves immune personally and financially for the actions they undertake in the name of corporations and public office."

Sony temporarily shut down its PlayStation Network in the wake of the cyber-attack.  The network connects PS3 consoles to online games, movies and more.

Players are still able to participate in games offline on consoles, but can no longer challenge others over the Internet.


On the Net: