General discussion

Timeline: Sony Hacks & Attacks: Any Updates Are Welcomed :-)

Dear Buzz Gang and Crew,
With so many Sony hack attacks occurring, it is actually hard to remember when all of this started. I decided to place the most current and update-to-date timeline showing all of the activity surrounding the Sony hacks and attacks that have occurred. Links & sources are below.

Any updates that you may have or wish to contribute are welcomed.
Thanks People. Happy

Late 2009: George Hotz, a hacker also known as "geohot" online,
announces his intention to "jailbreak" the PlayStation 3. He aims to
circumvent copyright controls to allow the console to run unauthorized

March 2010: Sony angers some PlayStation 3 owners by removing an option
on the PlayStation 3 to install another operating system. The move give the
quest to jailbreak the console greater impetus.

2 January 2011: George Hotz publishes codes online that allow any
PlayStation 3 owner to jailbreak their machine.

11 January: Sony sues George Hotz and asks for a restraining order to
stop him distributing his jailbreaking software to more PlayStation owners.
It claims he has "enable[d] use or playing of illegal copies of PlayStation
3 video games on the PS3 system".

14 January: George Hotz denies his work supports piracy, saying: "I
made a specific effort while I was working on this to try and enable
home-brewing without enabling things I don't support, like piracy."

2 April: Anonymous, the online activist collective, begins Operation:
Sony, a series of denial of service attacks on Sony websites that it says
are in defense of free speech.

April 4 (Monday) - Hacker group Anonymous targets Sony for denial of service attacks, in retaliation for Sony legal action against George Hotz (aka "GeoHot") and Graf_Chokolo

April 7 (Thursday) - Anonymous halts attacks, apologizes for inconveniencing users, and acknowledges diverse points of view within hacker group

11 April: Sony announces the case has been settled out of court and
that George Hotz has agreed to take down his website.

13 April: Anonymous says it will intensify its attacks and calls for a
day of protest on 16 April. "In the eyes of the law, the case is closed, for
Anonymous it is just beginning? prepare for the biggest attack you have ever
witnessed, Anonymous style," it says in a video message.

16 April: Hackers break in to Sony Online Entertainment, the firms PC
gaming service and steal 25 million users' personal details. Around 23,400
European users' credit card or direct debit details may also have been taken.

17 April: Hackers break in to the PlayStation Network and steal 77
million users' personal details.

April 19 (Tuesday, 4:15 pm PDT) - Sony
Network Entertainment America network team notices unauthorized
activity due to unscheduled server reboots; team begins running logs to
analyze data

20 April: Sony shuts down the PlayStation Network, publicly citing
technical problems.

April 21 (Thursday) - Sony retains a second security and forensic consulting firm; Sony issues a statement suggesting the network could be down for "a day or two"

April 22 (Friday) - Sony
Computer Entertainment America general counsel provides FBI with
information about the intrusion; network team finishes mirroring 9 of
the 10 suspected servers; Sony issues a statement admitting an "external intrusion"

April 23 (Saturday) - Network teams determine that sophisticated hackers deleted log files to hide activity within the network; Sony issues a statement regarding re-building the network infrastructure for better security

April 24 (Sunday) - Sony decides to retain a third forensic team to help determine the scope of the breach

April 25 (Monday) - Forensic teams are able to determine that
user data had been stolen, but could not rule out whether credit card
information had been accessed

Apr. 26 (9:30 a.m. PT) - PlayStation Network outage for 6 days and still no answers available for its customers

Apr. 26 (1:00 p.m. PT) - Later that same day, Sony says billing
addresses, user names, passwords and possibly credit card info
belonging to its PlayStation Network Customers have been stolen. Sony also notifies regulatory authorities in New Jersey, Maryland, and New Hampshire

April 27 (Wednesday) - Sony meets with FBI regarding data intrusion; Sony
notifies the regulatory authorities in Hawaii, Louisiana, Maine,
Massachusetts, Missouri, New York, North Carolina, South Carolina, and
Puerto Rico; Sony tells SOE users that their databases and servers are kept separate, and therefore safe

April 28 (Thursday) - Hacker groups claim
to be selling credit card data; security analysts confirm the
discussions are taking place, but cannot confirm the legitimacy of the
list; one hacker claims to have tried selling to Sony, but Sony denies any knowledge of such a sale. A database of 2.2 million Sony customer credit cards is offered for sale on an underground Internet forum

April 30 (Saturday) - Sony holds a press conference in Tokyo, apologizing for the data theft and detailing the PSN Welcome Back program; Sony says that some services will resume in the coming week

May 1 (Sunday, afternoon) - Sony detects intrusion into Sony Online Entertainment, including a file titled "Anonymous" that reads "We are Legion"

May 2 (Monday, morning) Sony Online Entertainment servers taken offline,
with a brief statement, "we have discovered an issue that warrants
enough concern for us to take the service down effective immediately."

May 2 (Monday) - Sony receives Congressional inquiry; Sony issues a statement that 12,700 credit cards and 24.6 million accounts were compromised in SOE data theft

May 4 (Wednesday) - Sony's Kaz Hirai responds to Congressional inquiry, implicating Anonymous Group

May 5 - NY attorney general subpoenas Sony and the same day the CEO
offers the first apology and explanation for what may have happened

May 6 - According to reports, a security expert testifies to a House
subcommittee that Sony knew it was in possession of outdated security

May 7 - Sony says the PlayStation network might not be up and running as quickly as they thought due to more testing needed

May 12 - Sony announces "perks" post-breach

May 14 - Sony begins relaunch of PlayStation Network in stages

May 16 - Japan's government announces they are waiting for better security measures from Sony

May 25 - Sony discloses compromise of 8,500 Greek user accounts and its sites hit in Thailand and Indonesia.

May 27 - Sony discloses shut down and data loss from Sony
Ericsson's Canada website; data for 2,000 people, including names,
email addresses and encrypted password, appear on The Hacker News web

June 1 - Sony Pictures hacked, over 1 million passwords stolen

June 2 - (Thursday) - The hacker group LulzSec on Thursday posted information it took from
Sony Entertainment and Sony BMG on its site, called the LulzBoat.

June 3 (Friday) - LulzSec taunts the FBI, gathers donations after hack

Any Updates Are Welcomed.
Later people. Happy

Links & Sources:

Discussion is locked
Reply to: Timeline: Sony Hacks & Attacks: Any Updates Are Welcomed :-)
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Timeline: Sony Hacks & Attacks: Any Updates Are Welcomed :-)
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
- Collapse -
Update: New Sony Attacks, Source Code, Sony Brazil

June 5 - The group, which has claimed credit for a prior
attack on Sony's systems, posted what appeared to be Sony BMG network
maps from a New York city office and what they said was 54 megabytes of
Sony developer source code.

June 6 - Sony Corp has once again fallen victim to a hacking attack. The latest site under Sony's ownership to get hit was Sony Music Brazil.


I expect more to come.
Later People.

- Collapse -
Poor Security

Man... I can't believe a major company like Sony had such poor digital security, and - worst of all - did not massively increase security after the first data breach. Talk about not learning from your mistakes.

It wouldn't surprise me if they lose lots of customers over this; most people don't want their credit card information being taken by hackers so easily. Sony really dropped the ball here.

CNET Forums