Anonymous denies hacking Sony, stealing credit cards

Sony reverses itself, now says hacker group at least assisted in breach

The hacking group Anonymous has denied responsibility for the attack on Sony's networks, claiming that it has "never...engaged in credit card theft."

In a long statement posted to the Daily KOS site, the group said others were trying to frame it for the hack of Sony's PlayStation and Online Entertainment networks.

"Whoever broke into Sony's servers to steal the credit card info and left a document blaming Anonymous clearly wanted Anonymous to be blamed for the most significant digital theft in history," said Anonymous. "No one who is actually associated with our movement would do something that would prompt a massive law enforcement response."

Although Sony declined to testify yesterday before a House subcommittee investigating data breaches, in its written response Tuesday to questions ( download PDF ) the company said Anonymous was at least partially responsible for the hacks because it had conducted denial-of-service (DoS) attacks against Sony in the weeks prior to the credit card hack.

"Whether those who participated in the in the denial of services attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know," said Sony. "In any case, those who participated in the denial of service attacks should understand that -- whether they knew it or not -- they were aiding in a well planned, well executed, large-scale that that left not only Sony a victim, but also Sony's many customers around the world."

Sony also said the credit card hackers had left a file named "Anonymous" on one of its servers. The file contained the words "We are legion," a trademark phrase of the group.

"Anonymous has never been known to have engaged in credit card theft," the group countered Wednesday.

Tuesday's accusations that Anonymous may have been involved was a reversal for Sony.

In a Tokyo press conference Monday, Kaz Hirai, CEO of Sony's games subsidiary, said the company had not found find any link between Anonymous and the newest attacks.

Anonymous had denied responsibility for the Sony network breaches before. On April 22, it issued a statement titled, "For Once We Didn't Do It" that argued "Sony is taking advantage of Anonymous' previous ill-will toward the company to distract users from the fact that the [PlayStation Network] outage is actually an internal problem with the company's servers."

The group had taken credit for the DoS attacks against Sony two weeks before the April breach. Those attacks were launched as a protest of Sony's legal pursuit of George Hotz, who had hacked the PlayStation 3 to run Linux OS.

Hotz, who settled with Sony, has also said he had nothing to do with the network attacks.

"I'm not crazy, and would prefer to not have the FBI knocking on my door," Hotz said in an April 28 blog post . "Hacking into someone else's server and stealing databases of user info is not cool. You make the hacking community look bad, even if it is aimed at douches like Sony."

But Hotz also said Sony had essentially reaped the whirlwind.

"The fault lies with the executives who declared a war on hackers, laughed at the idea of people penetrating the fortress that once was Sony, whined incessantly about piracy, and kept hiring more lawyers when they really needed to hire good security experts," said Hotz. "Alienating the hacker community is not a good idea."

It would obviously be in Anonymous' interest to deny responsibility for the credit card theft. Sony contacted the Federal Bureau of Investigation (FBI) three days after it discovered the intrusion, and five days later met with the agency to provide details of the attack.

The FBI, along with law enforcement authorities in other countries, have been pursuing Anonymous since last year, when the group targeted a large number of Web sites -- including those for Amazon, PayPal, MasterCard and Visa -- for withdrawing services from Wikileaks , the document leaking organization that began publishing U.S. diplomatic cables in November 2010.

In December 2010 and January 2011, the FBI seized hardware from several U.S. Internet service providers, then executed dozens of search warrants in its search for Anonymous.

Sony took its PlayStation Network offline on April 20. As of today, that network, as well as the Online Entertainment network, was not operational.

The company told Congress on Tuesday that it had not identified the people who broke into its servers and lifted the personal information -- and possibly credit card numbers, as well -- of millions of customers.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed. His e-mail address is

Read more about security in Computerworld's Security Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags securitysony

More about Amazon Web ServicesAppleFBIFederal Bureau of InvestigationLinuxMicrosoftPayPalSonyTopicVisa

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Gregg Keizer

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place