X

Sony blames Anonymous attack as diversion for 100 million data heist

Sony reckons protestors unwittingly provided a smokescreen for cyber thieves to launch the cyberheist that netted unknown wrong'uns data on more than 100 million of its users.

Richard Trenholm Former Movie and TV Senior Editor
Richard Trenholm was CNET's film and TV editor, covering the big screen, small screen and streaming. A member of the Film Critic's Circle, he's covered technology and culture from London's tech scene to Europe's refugee camps to the Sundance film festival.
Expertise Films, TV, Movies, Television, Technology
See full bio
Richard Trenholm
2 min read

Sony reckons protestors unwittingly provided a smokescreen for cyberthieves to pull off the heist that netted the unknown wrong'uns data on more than 100 million of its users.

Sony Computer Entertainment CEO Kazuo Hirai today wrote to US authorities, asserting that a protest by activist collective Anonymous caused a diversion which allowed the "very carefully planned, very professional, highly sophisticated criminal cyber attack" to go unchallenged.

Personal and financial data including email addresses, birth dates and credit card information was stolen from Sony servers, causing the technology giant to close several online services. The Sony Online Entertainment, Qriocity and PlayStation Network are all still offline after the attack. Sony has pledged to extend your subscription for the number of days services were unavailable.

Anonymous is a loose collective of online malcontents that regularly attacks companies and countries perceived to be against freedom of speech. Anonymous rounded on Sony after it threw the book at George Hotz, the cheeky young scamp who hacked the PlayStation 3. Sony has since settled with Hotz, who works under the name Geohot.

Anonymous announced that it would launch attacks on Sony's websites, and Sony claims it was one such attack that paved the way for the data theft. The company says it found a file left on its servers named Anonymous and containing one of the collective's catchphrases: "We are legion."

Sony claims that a denial of service attack launched by Anonymous distracted the company, allowing thieves to breach its servers. In its letter, Sony speculates "whether those who participated in the denial of services attacks were conspirators or whether they were simply duped into providing cover for a very clever thief".

It's not clear what's happened to the stolen data, but the FBI is on the case and Sony has recruited private investigators. Some experts are warning that you should consider cancelling your bank card and changing your passwords just in case, but Sony notes "the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber attack".

The company is compensating affected users with free downloads and 30 days of free membership in the PlayStation Plus and Music Unlimited services. It will also provide free identity theft protection to US account holders.