“Anonymous” file found on server, Sony tells Congress

Wednesday, 4 May 2011 16:58 GMT By Stephany Nunneley

Sony has issued a response to a US Congress subcommittee following the PSN hacker hearing held earlier today, revealing it found a file on its server saying, “We are legion”.

The hearing was viewable live on C-SPAN.

Following the downtime of the US and EU service for over two weeks after hacker activity and the compromise of user details, Australian and US Congressional hearings have taken place over the last couple of days.

Today, Kazuo Hirai, chairman of the board of directors at SCEA, submitted written answers to questions posed by the subcommittee regarding the PSN breach, and the firm’s US director of corporate communications, Patrick Seybold, shared the documents via the US PS Blog.

Sony has now said it found a file named “Anonymous” on one of its servers with the words “We are Legion” attached to it.

“In summary, we told the subcommittee that in dealing with this cyber attack we followed four key principles: Act with care and caution, provide relevant information to the public when it has been verified, take responsibility for our obligations to our customers, and Work with law enforcement authorities,” said Seybold.

“We also informed the subcommittee of the following: Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack.

“We discovered that the intruders had planted a file on one of our Sony Online Entertainment servers named ‘Anonymous’ with the words “We are Legion.” By April 25, forensic teams were able to confirm the scope of the personal data they believed had been taken, and could not rule out whether credit card information had been accessed. On April 26, we notified customers of those facts.

“As of today, the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber attack. Protecting individuals’ personal data is the highest priority and ensuring that the Internet can be made secure for commerce is also essential. Worldwide, countries and businesses will have to come together to ensure the safety of commerce over the Internet and find ways to combat cybercrime and cyber terrorism.

“We are taking a number of steps to prevent future breaches, including enhanced levels of data protection and encryption; enhanced ability to detect software intrusions, unauthorized access and unusual activity patterns; additional firewalls; establishment of a new data center in an undisclosed location with increased security; and the naming of a new Chief Information Security Officer.

“We told the subcommittee about our intent to offer complimentary identity theft protection to U.S. account holders and detailed the ‘Welcome Back’ program that includes free downloads, 30 days of free membership in the PlayStation Plus premium subscription service; 30 days of free service for Music Unlimited subscribers; and extending PlayStation Plus and Music Unlimited subscriptions for the number of days services were unavailable.

“We are working around the clock to have some PlayStation Network services restored and we’ll be providing specific details shortly. We hope this update is helpful to you, and we will continue to keep you posted as we work to restore our network and provide you with both the entertainment and the security you deserve.”

Hacker group Anonymous had previously stated it had nothing to do with the PSN breach, at least as a group effort. However, the firm was responsible for bringing PSN down for part of a day in early April, apparently using DDOS attacks.

After a public backlash, the group said it would no longer attack PSN, but instead suggested a sit-in protest at Sony stores, which failed to gain traction with consumers.

It was reported earlier today that a third security firm had been employed by Sony to aid in the PSN hacking investigation – an investigation that now involves US Homeland Security and the FBI.

Latest