Cybercriminals left a file named "Anonymous" on the servers of its online entertainment network, Sony said overnight, but it stopped short of directly accusing the internet vigilante group of carrying out the attack.
Sony, in a letter to a US congressional committee investigating data theft, provided its most detailed explanation yet of the hacker attacks on Sony Online Entertainment, the PlayStation Network and Qriocity streaming music service.
Personal information such as the user names, passwords, addresses and birth dates of more than 100 million people may have been compromised in the attacks and the intruders may also have made off with credit and debit card data.
Sony, in the letter to the House Subcommittee on Commerce, Manufacturing and Trade, noted that the large-scale data theft came shortly after the PlayStation Network suffered distributed denial of service (DDoS) attacks from the loose-knit group of "hacktivists" known as Anonymous.
Anonymous had vowed retribution against Sony for taking legal action against hackers who cracked PlayStation 3 (PS3) defences to change console operating software.
In a typical DDoS attack, a large number of computers are commanded to simultaneously visit a website, overwhelming its servers, slowing service or knocking it offline completely.
Anonymous has taken credit for the DDoS attacks but denied involvement in the data theft.
"What is becoming more and more evident is that Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyberattack designed to steal personal and credit card information for illegal purposes," Sony Computer Entertainment America chairman Kazuo Hirai said in the letter to the congressional committee.
He said intruders who stole data from Sony Online Entertainment servers "had planted a file on one of those servers named 'Anonymous' with the words 'We are Legion,'" the Anonymous motto.
"Just weeks before, several Sony companies had been the target of a large-scale, coordinated denial of service attack by the group called Anonymous," Hirai noted.
"Almost two weeks ago, one or more cybercriminals gained access to PlayStation Network servers at or around the same time that these servers were experiencing denial of service attacks," he said.
"Whether those who participated in the denial of service attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know," the Sony executive said.
"In any case, those who participated in the denial of service attacks should understand that - whether they knew it or not - they were aiding in a well planned, well executed, large-scale theft that left not only Sony a victim, but also Sony's many customers around the world," he said.