Sony has implicated online hacking collective Anonymous in the breach of its PlayStation Network in a letter to members of the US congress.
“When Sony Online Entertainment discovered this past Sunday afternoon that data from its servers had been stolen, it also discovered that the introduders had planted a file on one of those servers named “Anonymous” with the words “We are Legion”," the letter alleged.
The letter [PDF] was signed by Sony Computer Entertainment America’s chairman of the board Kazuo Hirai, who made a public apology last Sunday.
It details the threats Anonymous made to attack Sony over its legal pursuit of PlayStation modder George Hotz, and goes on to say that Sony was the target of distributed denial-of-service attacks by Anonymous.
The collective, which often does sign its commentary with that phrase, has previously denied any involvement in the PlayStation Network outage.
After fingering Anonymous for DDoS attacks, Sony’s letter states that “one or more cyber criminals gained access to PlayStation Network servers at or around the same time that these servers were experiencing denial of service attacks.”
Sony blamed its failure to detect the intrusion on “three possible reasons”: the “sheer sophistication” of the attack, the fact that the hackers exploited a system software vulnerability, or that its security teams were too busy fending off the DDoS to notice the intrusion.