Sony reckons protestors unwittingly provided a smokescreen for cyberthieves to pull offthat netted the unknown wrong'uns data on of its users.
Sony Computer Entertainment CEO Kazuo Hirai today wrote to US authorities, asserting that a protest by activist collective Anonymous caused a diversion which allowed the "very carefully planned, very professional, highly sophisticated criminal cyber attack" to go unchallenged.
Personal and financial data including email addresses, birth dates and credit card information was stolen from Sony servers, causing the technology giant to close several online services. The Sony Online Entertainment, Qriocity and PlayStation Network are all still offline after the attack. Sony has pledged to extend your subscription for the number of days services were unavailable.
Anonymous is a loose collective of online malcontents that regularly attacks companies and countries perceived to be against freedom of speech. Anonymous rounded on Sony after it threw the book at PlayStation 3. Sony has since settled with Hotz, who works under the name Geohot., the cheeky young scamp who hacked the
Anonymous announced that it would launch attacks on Sony's websites, and Sony claims it was one such attack that paved the way for the data theft. The company says it found a file left on its servers named Anonymous and containing one of the collective's catchphrases: "We are legion."
Sony claims that a denial of service attack launched by Anonymous distracted the company, allowing thieves to breach its servers. In its letter, Sony speculates "whether those who participated in the denial of services attacks were conspirators or whether they were simply duped into providing cover for a very clever thief".
It's not clear what's happened to the stolen data, but the FBI is on the case and Sony has. Some experts are warning that you should consider just in case, but Sony notes "the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber attack".
The company is compensating affected users with free downloads and 30 days of free membership in the PlayStation Plus and Music Unlimited services. It will also provide free identity theft protection to US account holders.