To say things have been pretty bad for Sony lately would be like saying the Hindenburg was a “small fire.” PSN is still down and, despite Sony saying otherwise, we’re still not 100% sure on when it’ll be working again. It’s common knowledge that credit card information was compromised, and many gamers have lost faith in Sony as a result. U.S. Congress has asked Sony to give the necessary information on the initial attack, and Sony has finally done so.

Sony Chairman of the Board of Directors, Kazuo Hirai, sent a letter to the Subcommittee on Commerce, Manufacturing and Trade of the U.S. House of Representatives Committee on Energy and Commerce, detailing information about the infamous hacking of PSN and Sony’s response to it. Sony told the subcommittee that they follow four key principles in regards to responding to the attack:

  1. Proceed with care and caution.
  2. Provide information only when it was verified.
  3. Take responsibility for their actions.
  4. Work with the authorities.

How well they succeeded in this is really up to you readers.

For the most part, the information given was nothing we weren’t aware of, except for two glaring pieces. Firstly, that the credit card companies have not reported any odd transactions that are directly connected to the attack. While this is good news, it certainly raises some questions about all the credit card numbers that were reported to be in danger, as well as previous accounts of strange purchases on some cards, which may simply have nothing to do with the PSN outage.

The other and particularly intriguing bit of info was that the hackers planted a file on the Sony Online Entertainment servers, titled “Anonymous” that contained the text “We Are Legion.” This either directly contradicts Anonymous’ claim that they weren’t responsible for the attack, despite their ongoing feud with Sony, or someone is setting them up. It could just be a case of someone else trying to stir the pot, but it only serves to raise even more questions in regards to the hacking, and whether or not anyone’s information will be safe in the future.

Sony finished by saying that are working long and hard to get PSN back up and running as soon as possible, and brought up the compensation package again as their way of apology.

Here are their own words from today’s PSN update:

  • Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack.
  • We discovered that the intruders had planted a file on one of our Sony Online Entertainment servers named “Anonymous” with the words “We are Legion.”
  • By April 25, forensic teams were able to confirm the scope of the personal data they believed had been taken, and could not rule out whether credit card information had been accessed. On April 26, we notified customers of those facts.
  • As of today, the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber attack.
  • Protecting individuals’ personal data is the highestpriority and ensuring that the Internet can be made secure for commerce is also essential. Worldwide, countries and businesses will have to come together to ensure the safety of commerce over the Internet and find ways to combat cybercrime and cyber terrorism.
  • We are taking a number of steps to prevent future breaches, including enhanced levels of data protection and encryption; enhanced ability to detect software intrusions, unauthorized access and unusual activity patterns; additional firewalls; establishment of a new data center in an undisclosed location with increased security; and the naming of a new Chief Information Security Officer.

What are your thoughts on Sony’s methods in responding to this attack? Is Anonymous really responsible as Sony says they are? Is there someone else trying to keep the feud between the two groups going?

Leave your thoughts in the comment section below.

Source: PlayStation Blog

tags: PS3, PSN, PSP, Sony