Hacker group DerpTrolling is at it again, claiming to dox user info stolen from major online networks, but this time it seems the group was caught in a fib.
CNET published a story on Nov. 20 about a list of user information supposedly stolen from 2K Games, Sony’s PlayStation Network, and Microsoft’s Windows Live systems. The allegedly stolen info was posted in a Pastebin doc (which has since been removed), and contained around 5,500 account emails and passwords. The veracity of the breach was almost immediately called into question, as some of the information was repeated from the results of previous data breaches.
After the disastrous PlayStation Network outage in 2011, even a rumor of a data breach in Sony’s online gaming network attracts immediate attention. This might explain why Sony was the first company to respond to the Daily Dot’s request for comment. A Sony representative issued the following statement:
“We have investigated the claims that our network was breached and have found no evidence that there was any intrusion into our network. Unfortunately, Internet fraud including phishing and password matching are realities that consumers and online networks face on a regular basis. We take these reports very seriously and will continue to monitor our network closely.”
Microsoft has also issued a statement to the Daily Dot, to indicate that this data breach was a fake:
“We immediately investigated reports regarding some Microsoft Accounts including Windows Live and Hotmail and can confirm that no Microsoft site or service was compromised. Microsoft takes account security and privacy seriously. Should we identify any specific account at risk for any reason, we will take action to protect the account. To help keep your information safe, we encourage you to set strong passwords, change passwords regularly and avoid using the same password for multiple accounts. For more information on password security, visit our website atwww.microsoft.com/security.”
2K Games did not respond to our requests for comment in time for publication.
DerpTrolling is the hacker group that claimed responsibility in December 2013 for DDoS attacks against Blizzard’s Battle.net, and networks run by Electronic Arts, Riot Games, and Wargaming.net, among others. And in an anticlimactic end to this episode, the Twitter account that announced the fake attack, @GabenTheLord, has been suspended.
Illustration by J/ff Bell/deviantART (CC BY-NC-ND-3.0) used with permission.