After the malicious attack that brought the PSN network down, we’re finally piecing together what happened in one of the biggest data breaches in history. According to a letter sent by Sony’s Chairman of the Board of Directors of SCEA Kazuo Hirai to the subcommittee hearing of congress last May 4 (in which Sony was absent), Sony was a victim of a “of a very carefully planned, very professional, highly sophisticated criminal cyber attack.”
In addition, Hirai says that in his letter that the intruders had planted a file on one of our Sony Online Entertainment servers named “Anonymous” with the words “We are Legion”” – a common calling card left after the groups’ attack. He further explains that previous DDoS attacks from the group served as fuel to the fire, with the malicious entry happening “at or around the same time as these servers were experiencing a series of denial of service attacks.”
The letter also tells of Sony’s detection of the attacks around April 19, 2011 at around 4:15 PDT, with the discovery of unauthorized transfer of data (possibly user account information) occurring on April 20, 2011. The delay between detection, confirmation and announcement to the public that their accounts have been compromised was a direct result of the scope of the intrusion and the software and hardware involved – 77 million accounts, 130 servers and 50 software programs.
Source: Playstation Blog