Anonymous the group that has been accused of hacking into Sony’s Playstation Network and stealing 77 million user records has denied any involvement in the crime that is now being investigated by the FBI.
Wearing their traditional trademark masks, at an event in Los Angeles members of Anonymous said “We didn’t do it”, they have also denied all responsibility for the Sony shutdown.
What is emerging is how the attackers could have got access to the Sony network which generates revenues of over $500 Million dollars.
The company said user account information for the PlayStation Network and its Qriocity service users was compromised between April 17 and April 19.
Alan Paller, research director of the SANS Institute, said the breach may be the largest theft of identity data information on record. He said that Sony probably did not pay enough attention to security when it was developing the software that runs its network.
‘They have to innovate rapidly. That’s the business model,’ Mr Paller said. ‘New software has errors in it. So they expose code with errors in it to large numbers of people, which is a catastrophe in the making.’
He suspected the hackers entered the network by taking over the PC of a system administrator, who had rights to access sensitive information about Sony’s customers.
They likely did that by sending the administrator an email message that contained a piece of malicious software that got downloaded onto his or her PC.
Access to the PlayStation Network was suspended a week ago, however Sony only revealed details of data theft today despite knowing that the network had been compromised on the 17th of April 2011.
Sony said it believed hackers have obtained the following details from its PlayStation Network users:
Name
Address details including postcode, city and country
Email address
Date of birth
PlayStation Network / Qriocity passwords and login
Handle / PSN online ID
A spokesman for Sony said it took ‘several days of forensic investigation’ after learning of the breach before the company knew consumers’ data had been compromised.
Sony apper to have put the launch of two new tablets ahead of telling consumers that their personal records hyave been compromised when they announced details of the breach hours after the glitzy launch of their new tablet PC in Tokyo late last night.
One user said: ‘If you have compromised my credit information, you will never receive it again. The fact that you’ve waited this long to divulge this information to your customers is deplorable. Shame on you.’
‘This is a huge data breach,’ said Wedbush Securities analyst Michael Pachter, who estimated Sony generates $500million in annual revenue from the service.
‘The bigger issue with Sony is how will the hacker use the info that has been illegally obtained?’
Sony said it had hired an ‘outside recognised security firm’ to investigate.
