Less than two weeks before the most recent attack, Anonymous members launched a denial of service attack against the PlayStation Network in protest at Sony’s legal pursuit of hacker George Hotz. Hotz had modified the firmware of a PlayStation 3 so that it could run the Linux OS. Sony claimed the software violated the U.S. Digital Millennium Copyright Act, which prohibits the reverse-engineering of encryption protections.
“While there may be no relation to this attack, the Sony network has also been targeted by the Internet group Anonymous,” said Hirai. “In addition, the personal information on Sony’s top management, including the names of their children, the schools they attend, and the names of other family members, has been published on the Internet. They have also called for protests outside Sony stores around the world.”
“These kinds of cyberattacks may not be limited to Sony. To protect personal information and the safety of the network environment, Sony will cooperate with law enforcement and network security organizations to continuously combat illegal intrusions,” said Hirai.
Hirai said the company hadn’t been able to find any link between Anonymous and the latest attack.
In a posting on a website titled “For Once We Didn’t Do It,” the group said its core had not targeted Sony or the PlayStation Network. But the denial left open the possibility that individuals from the group might have been responsible.
“While it could be the case that other Anons have acted by themselves AnonOps was not related to this incident and takes no responsibility for it,” the statement said.
Hotz, the hacker targeted by Sony, also denied any link with the attack.
“I’m not crazy, and would prefer to not have the FBI knocking on my door,” he wrote in a blog post. “Running homebrew and exploring security on your devices is cool, hacking into someone else’s server and stealing databases of user info is not cool.”
At present, the identity of the hacker or hackers behind the attack remains a mystery.
Sony said there is a high possibility the hacker stole personal information on millions of registered uses, but it has found no evidence that a database of credit card numbers was accessed. If true, that appears to rule out a financial motive behind the attack.
When asked by a reporter for his opinion on a motive behind the attack, Hirai said he could not speculate on the motive.