Sony has just answered some of the questions asked by the U.S. House of Representatives, who demanded explanations over the recent hacking of both its PlayStation Network servers as well as the Sony Online Entertainment ones at the beginning of the week.
Sony, after the recent hacking of its PlayStation Network, which resulted in the theft of person information from its 70+ million users, saw its Online Entertainment division fall victim to a similar attack, with hackers stealing data of around 24.6 million users that played MMOs like DC Universe Online or Free Realms.
As you can imagine, the U.S. government wasn't too happy about this, and, after a senator demanded answers from Sony last week, held an official hearing at its Subcommittee on Commerce, Manufacturing and Trade.
Sony has answered these questions, and shared some of its observations with the general public by releasing a statement on its PlayStation Blog.
From the highlights below, Sony claims that it was the victim of a vast attack, and even discovered a file on one of its servers called "Anonymous" and containing the phrase: "We are Legion."
For those unaware, this is motto of famous hacker and activist group Anonymous, who attacked Sony in early April, but denied any involvement in the recent PSN outage.
Check out the main highlights emphasized by Sony below.
- Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack.
- We discovered that the intruders had planted a file on one of our Sony Online Entertainment servers named “Anonymous” with the words “We are Legion.”
- By April 25, forensic teams were able to confirm the scope of the personal data they believed had been taken, and could not rule out whether credit card information had been accessed. On April 26, we notified customers of those facts.
- As of today, the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber attack.
- Protecting individuals’ personal data is the highest priority and ensuring that the Internet can be made secure for commerce is also essential. Worldwide, countries and businesses will have to come together to ensure the safety of commerce over the Internet and find ways to combat cybercrime and cyber terrorism.
- We are taking a number of steps to prevent future breaches, including enhanced levels of data protection and encryption; enhanced ability to detect software intrusions, unauthorized access and unusual activity patterns; additional firewalls; establishment of a new data center in an undisclosed location with increased security; and the naming of a new Chief Information Security Officer.
Sony has once again said that it wants to get the PlayStation Network back online, but that it can't say for sure when the service is going to be functional again.