It feels like ages ago PlayStation Networkwas compromised, but despite weeks of investigation into the matter, Sony still doesn't have conclusive evidence on a number of key factors about the intrusion.
These updates come from the latest answers submitted by PlayStation executive Kaz Hirai, responding to the House Energy and Commerce Committee's subcommittee on Commerce, Manufacturing, and Trade. Hirai and this subcommittee last discussed PSN through letter writing in early May, not long after the attack took place, PSN went down, accounts were exposed and Congress started questioning.
This comes in advance of Sony Network Entertainment president Tim Schaff appearing before the same subcommittee next Tuesday to answer in person. Hirai started by apologizing for that.
The letter is addressed for yesterday, May 26.
"I would like to take this opportunity to express my sincere gratitude to the committee for its appreciation of the gravity of the situation that Sony faced and, accordingly, allowing Sony to defer an appearance before the Committee," said Hirai. "Sony was unable to appear before the Committee due to exigent circumstancesSony was under attack and it was critically important that our key personnel remain available and ready to address critical issues as our network and game service operations were preparing to come back on line."
As it stands, Sony cannot conclusively say who was behind the attack. It does believe the same hacker or hackers was also behind Sony Online Entertainment's intrusion. The company continues to investigate, calling it an "ongoing criminal investigation," but the individuals remain elusive.
"We have not yet identified the individual or individuals responsible for the actual intrusion and breach into our systems," said Hirai. "We are continuing to work with the FBI to apprehend those responsible."
One day, it'll be all better, ya'll.
Some same auora of mystery also hangs around the data itself, with Sony unable to confidently say what or how much data was accessed. That said, it hasn't seen "forensic or circumstantial" evidence that credit card information was taken. Nonetheless, it still cannot entirely rule out the possibility.
"We have information that suggests what the hacker was accessing and what the hacker may have downloaded, but we are unable to determine conclusively whether information was actually taken from all orjust a portion of the user accounts," said Hirai. "Unfortunately we cannot confirm whether the hacker was completely successful in taking all of that information off the servers, or just a subset of it; in an abundance of caution, Sony advised all of its customers that it believed that the data had been obtained."
One final point the subcomittee was concerned about related to comments made by Sony CEO Howard Stringer about how it's impossible to "guarantee" a network will ever be totally safe.
"Mr. Stringer sought to emphasize that no individual, corporation, or government entity, standing alone, can truly guarantee security in a world of very sophisticated hackers, cyber attacks, and cyberterrorism," said Hirai. "Sony is implementing betterand more robust security measures to protect our customers. But just as individuals and businesses have come to rely on multiple law enforcement agencies for physical protection, we believe the private sector will need the assistance and support of government and law enforcement to help secure e-commerce and lT systems to stay ahead of and curtail the activity of cyber criminals and cyber terrorists."
Perhaps we'll learn more on Tuesday.
Want to read the whole letter from Hirai? I've attached it below.
0 comments:
To: Congress, From: Sony--We Still Don't Know Who Hacked Us, Don't Believe Credit Card Data Taken
Post a Comment