Sony butts heads with hacker group following data breach
Sony has engaged in a war of words with hacker group Anonymous over the recent cyber attack that resulted in the ongoing suspension of two of its online gaming services.
Earlier this week, Sony submitted a letter to Congress detailing the attack that may have compromised more than 100 million account records on its PlayStation Network and Sony Online Entertainment services. In its letter, Sony said it had notified customers that unauthorized intruders had breached its servers and may have accessed personal data, which may have included credit card information.
While Sony did not accuse the hacker organization outright, it did reveal that whoever is responsible for the attack planted a file named “Anonymous” on one of its SOE servers. The file reportedly included the words “We are Legion” – part of the hacker group’s slogan.
Anonymous fired back with a public statement of its own, denying involvement with the data security breach. The “hactivist” group acknowledged that it has attacked corporate and government institutions in the past, but it said it “has never been known to have engaged in credit card theft.”
The hacker group added that “[m]any of our corporate and governmental adversaries, on the other hand, have been known to have lied to the public about Anonymous and about their own activities.”
It may be important to point out that Anonymous’ decentralized nature may lend itself to hackers breaking rank and conducting rogue attacks in its name. However, regardless of who’s responsible, it is evident that Sony must take some steps to improve its data protection capabilities. While the company is likely to recover financially from the incident, data breaches can have a significant impact on a business’ reputation and can also result in lawsuits and heavy fines from industry regulators.
Sony said it is in the process of enhancing its data protection practices to avoid future breaches. Among the preventative measures are the establishment of a new data center in an undisclosed location and the appointment of a chief information security officer.
As of yet, the company has not restored its PlayStation Network service, which has been down since late April.
Spotlight
Cloud Computing
- Security in backups means more than just encryption
- Employees must buy into the company policy for better cloud security
- Desktop virtualization can enhance security performance
- Cybersecurity cooperation becoming military necessity
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- FBI trying to train financial execs on cyber threats
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
- Employees must buy into the company policy for better cloud security
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
[...] Sony CEO Howard Stringer recently told the WSJ that he cannot guarantee cyber security. var addthis_product = 'wpp-257'; var addthis_config = {"data_track_clickback":true,"ui_cobrand":"Simply Security"};var addthis_options = "twitter,facebook,email,favorites,print,stumbleupon";Though Sony has restored service to its PlayStation Network, the company’s CEO recently expressed doubt that his – or any company – could guarantee protection from future data breaches. [...]
Pingback by Sony CEO questions data security | Simply Security on May 18, 2011 at 8:52 am
[...] recently announced that the data breach, which, when first discovered last month was estimated to have impacted 10 million users, may have [...]
Pingback by Severity of Sony breach serves as data security warning | Simply Security on May 18, 2011 at 10:18 am