Sony responds to US Gov grilling over PSN hack

Sony has implicated hacktivist group Anonymous in the attack on the company's PlayStation Network Servers in reply to questions posed by the US House of Representatives.

Kazuo Hirai, chairman of the board of directors of Sony Computer Entertainment America, submitted written answers to questions posed by the subcommittee about the large-scale, criminal cyber-attack.

A scan of the full eight-page letter has been posted on Flickr but a post by Patrick Seybold on Sony's official blog condenses the response nicely.

Sony said that the response to the criminal act followed four key principles:

1. Act with care and caution.
2. Provide relevant information to the public when it has been verified.
3, Take responsibility for our obligations to our customers.
4. Work with law enforcement authorities.

The response also suggested that the very carefully planned, very professional, highly sophisticated criminal cyber-attack was first discovered when Sony discovered that "intruders had planted a file on one of our Sony Online Entertainment servers named 'Anonymous' with the words 'We are Legion'."

Despite publicly threatening to attack Sony on several occasions, the hacking collective maintains that it had nothing to do with the ongoing outage, or the lifting of millions of personal details supplied by PSN subscribers.

"By April 25, forensic teams were able to confirm the scope of the personal data they believed had been taken," continues the letter, "and could not rule out whether credit card information had been accessed. On April 26, we notified customers of those facts."

Sony has still not admitted that any credit card details have been compromised, instead saying, "As of today, the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber-attack."

Sony has engaged the services of a number of security outfits in order to beef up its obviously woeful security and says it is working around the clock to reinstate services.