According to the response, published on Sony's PlayStation blog, Sony has discovered a file named "Anonymous" planted on one of the Sony Online Entertainment servers. The file reportedly contains the words "We are Legion," which is the unofficial slogan of the unofficial group.
Anonymous has responded to the indirect accusation by insisting that it is not responsible for the attack. In a public statement on Wednesday, Anonymous said that "No one who is actually associated with our movement would do something that would prompt a massive law enforcement response," and that "Anonymous has never been known to have engaged in credit card theft."
Sony and Anonymous: Not the Best of Friends
It's not far-fetched to suggest that Anonymous may have had something to do with the recent PSN outage -- after all, around the same time as the shutdown occurred, Sony and Anonymous were at odds with each other.
In mid-April, Anonymous took issue with Sony's hard-handed treatment of PlayStation hacker George "Geohot" Hotz. Anonymous was allegedly in the process of conducting denial-of-service (DDoS) attacks against Sony around the same time as the PSN shutdown.
Anonymous was quick, however, in the days following the PSN shutdown, to stress that it was not at fault for the attack. Of course, it's important to note the decentralized nature of Anonymous -- there is no structure within the group, and anyone can be a part of Anonymous. Thus, it's possible that a renegade cell identifying with Anonymous may be responsible for the data theft.
No Explicit Accusations
The letter to Congress, written by Chairman of the Board of Directors of Sony Computer Entertainment America, Kazuo Hirai, does not explicitly accuse Anonymous of hacking the PlayStation Network. Rather, the letter says that Sony is working with law enforcement to identify the responsible parties, and is leery of sharing too much information at the moment.
"The information is the subject of an ongoing criminal investigation and also the information could be used to exploit vulnerabilities in systems other than Sony's that have similar architecture to the PlayStation Network," Hirai writes.
However, Hirai does point out that Sony found a file labeled "Anonymous" on one of its servers, and that the PSN hack occurred at the same time as Anonymous was allegedly conducting DDoS attacks. This suggests that Sony may have had a change of heart -- or discovered more evidence -- since Sunday, when Hirai publicly stated that Sony had no evidence that Anonymous was responsible for the attack.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.