By Ian Sherr
New details emerged about Sony Corp.’s investigation into one of the biggest data breaches in history, as the company attempts to piece together who stole personal information from more than 100 million accounts on its online game networks.
At least some of the attacks came from a Malaysia-based server, a person familiar with the matter said, though it wasn’t clear if any of the hacking was actually done from there, or whether only the server there was used.
On Tuesday, a U.S. spokesman for Sony confirmed some of the companies helping to investigate the breach and secure its network against further intrusions. The security firms named are Protiviti Inc., Guidance Software Inc. and Data Forté Corp., which specialize variously in forensic computer investigations and security consulting.
The company has also retained the services of the law firm Baker & McKenzie in connection with the matter. Representatives of the law firm and two of the security firms didn’t respond to requests for comment. Guidance Software declined to comment.
Political pressure on Sony for a more complete accounting of its handling of the data breach has been increasing. Sen. Richard Blumenthal (D., Conn.) on Tuesday sent a letter to Sony executives saying he is “deeply concerned about the egregious inadequacy of Sony’s efforts thus far to notify its customers of these breaches or to provide adequate protections for users whose personal and financial information may have been compromised.”
(Published May 4, 2011, in The Wall Street Journal.)