(SNE) - Get Sony Corp. Report In a letter sent to the House Energy and Commerce Committee this week, Sony chairman Kazuo Hirai revealed the mysterious circumstances surrounding the recent attack on its online entertainment division. Hirai explained that, when the division found out that data from its servers had been stolen on Sunday, it also discovered that intruders had planted a file on one of the servers named "Anonymous" with the words "We Are Legion."
"Just weeks before, several Sony companies had been the target of a large-scale, coordinated, denial of service attack by the group called Anonymous," wrote Hirai. "The attacks were coordinated against Sony as a protest against Sony for exercising its rights in a civil action in the United States District Court in San Francisco against a hacker."
Hirai added, however, that the denial of service attacks may have also been timed to coincide with an earlier breach, which saw Sony's Playstation Network infiltrated. "Almost two weeks ago, one or more cyber criminals gained access to the Playstation Network servers at or around the same time that these servers were experiencing denial of service attacks," he wrote. "Our security teams were working very hard to defend against denial of service attacks, and that may have made it more difficult to detect this intrusion quickly -- all perhaps by design."
Sony subsequently warned its 77 million users that their private account details, such as passwords addresses and credit cards, may have been compromised after the Network was infiltrated by the unknown hacker.
On the Sunday following the second incident, the company said that hackers may have stolen personal information from about 24.6 million accounts at the online entertainment division, which makes multiplayer online games.
"What is becoming more and more evident is that Sony has been the victim of a very carefully planned, very professional, highly sophisticated, criminal cyber attack designed to steal personal and credit card information for illegal purposes," said Hirai, in his letter. "Sunday's discovery that data had been stolen from Sony Online Entertainment only highlights this point."
The consumer electronics giant has attracted heavy criticism after announcing the two major data breaches, with Sen. Richard Blumenthal (D., Conn.), in particular, slamming the company's inability to protect customer data.
On Wednesday Sony told TheStreet that it is working with data forensics specialist Guidance Software (GUID) to catch the hackers that breached its PlayStation Network, as well as privately-held Data Forté. The company is also working with business consultancy Protiviti, a subsidiary of Robert Half International (RHI) - Get Robert Half International Inc. Report , to clean up after the attack, it said.
Sony, which is working closely with the FBI to find out how its systems were compromised, said it is also rethinking its security strategy. In his letter to the House Energy and Commerce Committee, Hirai outlined a number of measures to prevent future breaches. These include automated software monitoring and configuration management, enhanced levels of encryption and additional firewalls.
Sony is also speeding up the move of its PlayStation Network system to a new data center in a different location, according to Hirai, who says that this will offer enhanced security.
The company will also be naming a new Chief Information Security Officer who will report directly to the company's Chief Information Officer, he said.
—For the best rates on loans, bank accounts and credit cards, enter your ZIP code at BankingMyWay.com.