Sony has engaged in a war of words with hacker group Anonymous over the recent cyber attack that resulted in the ongoing suspension of two of its online gaming services.
Earlier this week, Sony submitted a letter to Congress detailing the attack that may have compromised more than 100 million account records on its PlayStation Network and Sony Online Entertainment services. In its letter, Sony said it had notified customers that unauthorized intruders had breached its servers and may have accessed personal data, which may have included credit card information.
While Sony did not accuse the hacker organization outright, it did reveal that whoever is responsible for the attack planted a file named “Anonymous” on one of its SOE servers. The file reportedly included the words “We are Legion” – part of the hacker group’s slogan.
Anonymous fired back with a public statement of its own, denying involvement with the data security breach. The “hactivist” group acknowledged that it has attacked corporate and government institutions in the past, but it said it “has never been known to have engaged in credit card theft.”
The hacker group added that “[m]any of our corporate and governmental adversaries, on the other hand, have been known to have lied to the public about Anonymous and about their own activities.”
It may be important to point out that Anonymous’ decentralized nature may lend itself to hackers breaking rank and conducting rogue attacks in its name. However, regardless of who’s responsible, it is evident that Sony must take some steps to improve its data protection capabilities. While the company is likely to recover financially from the incident, data breaches can have a significant impact on a business’ reputation and can also result in lawsuits and heavy fines from industry regulators.
Sony said it is in the process of enhancing its data protection practices to avoid future breaches. Among the preventative measures are the establishment of a new data center in an undisclosed location and the appointment of a chief information security officer.
As of yet, the company has not restored its PlayStation Network service, which has been down since late April.