This morning on IRC, SecurityWeek received a message pointing to a Pastebin post, where someone claiming connections to Anonymous alleges that Sony’s PlayStation Network (PSN) has been compromised yet again.
There are some problems with the claim itself. First, the message is unsigned, and notes, “…if someone takes credit for this pwnage, he’s a [expletive].”
The author of the message claims to have a database over 50GB in size, containing account details on some 10 million PSN users. However, the message references an email address for prvt.org. The prvt.org domain is parked on GoDaddy, and emails sent to the address bounce with a 550 error (address rejected). Also, the WHOIS information on the domain has been reassigned, the new owner is Lakefront Media.
This is the address, which eventually led the FBI to the door of Sabu. Also known as Hector Xavier Monsegur, Sabu is the Anon most famous for being both the figurehead of LulzSec and the force behind the rebirth of the AntiSec movement, while operating as an FBI informant.
Additionally, data in the Pastebin post looks remarkably similar that of a previous post made back in March of this year.
Last year, between April 17 and 19, someone cracked the PSN and compromised user data stored there. Estimates placed the number of victims at more than 70 million. Word of the breach came after Sony suffered a DDoS attack at the hands of Anonymous for their actions against GeoHot. However, after the DDoS had stopped, the PSN remained offline. It was then that Sony announced the breach, leading many gamers to blame Anonymous for that as well.
In early May, Sony announced that the Sony Online Entertainment network was breached shortly before the PSN, adding an additional 24 million customers to the list of people exposed by the previously reported security incident.
Those two incidents led to a month-long PR backlash and news cycle that would hammer Sony constantly for weeks. If the PSN was breached a second time, this could be bad for the entertainment giant.
SecurityWeek has reached out to Sony for comment, and will update this story if a response is received.