1. April 24th
1.1. Easter Sunday
1.1.1. Sony retains the services of a 3rd security and forensic team
1.1.1.1. This time:
1.1.1.1.1. A group with "highly specialized skills"
1.1.1.1.2. Brought in to "determine the scope of the data theft"
2. April 25th
2.1. Security teams confirm account details compromised include:
2.1.1. Name
2.1.2. Address
2.1.3. Country
2.1.4. Email
2.1.5. Birthdate
2.1.6. PlayStation Network/Qriocity password
2.1.7. Login Handle
2.1.8. Network ID
2.2. Security teams are uncertain if 12.3 million global credit cards stored on the servers have been compromised
2.2.1. 5.6 million were from the U.S.
3. April 26th
3.1. Sony Network Entertainment and Sony Computer Entertainment America
3.1.1. Publicly announce the network intrusion
3.1.2. Alert regulatory authorities in
3.1.2.1. New Jersey
3.1.2.2. Maryland
3.1.2.3. New Hampshire
4. April 27th
4.1. Sony Network Entertainment and Sony Computer Entertainment America
4.1.1. Alert regulatory authorities in
4.1.1.1. Hawaii
4.1.1.2. Louisiana
4.1.1.3. Maine
4.1.1.4. Massachusetts
4.1.1.5. Missouri
4.1.1.6. New York
4.1.1.7. North Carolina
4.1.1.8. South Carolina
4.1.1.9. Virginia
4.1.1.10. Puerto Rico
5. May 3rd
5.1. Sony Chairman Kaz Hirai
5.1.1. Sends 8 page official letter to Congressional Subcommittee on Commerce, Manufacturing, and Trade
5.1.1.1. Informs them of the intrusion
5.1.1.2. explains the lead up to the attack
5.1.1.3. how it was first detected
5.1.1.4. the deep impact it is having on the firm
5.1.2. Outlines already imposed heightened security measures including:
5.1.2.1. adding automated software monitoring
5.1.2.2. enhanced levels of data protection and encryption
5.1.2.3. new firewalls
5.1.2.4. moving the data center to a different location
5.1.2.5. hiring a new Chief Information Security Officer
5.1.3. Closing statement:
5.1.3.1. "We ask the Committee to consider as well the connection between data security and the cybercrimes and cyber terrorism that threaten to make the Internet unsafe for consumers and commerce."
6. April 19th
6.1. 4:15 PM PST
6.1.1. Sony Network Entertainment America detects a unauthorized activity on approximately 130 servers
6.1.1.1. more specifically, servers were rebooting when not scheduled to
6.1.1.2. Sony begins to investigate
7. April 20th
7.1. Early afternoon
7.1.1. SNEA engineers discover evidence of an "unauthorized intrusion"
7.1.1.1. data has been removed
7.1.2. SNEA engineers take all PlayStation Network and Qriocity offline
7.1.2.1. 77+million registered users effected
7.1.3. Sony engages the services of a computer forensics and security consulting firm
8. April 21st
8.1. Sony brings in a second security and forensics consultancy to investigate the growing problem
9. April 22nd
9.1. Sony mirrors 9 out of 10 affected servers
9.2. Sony's legal consult alerts the FBI to the security breach
9.3. Sony and The FBI schedule a meeting for April 27
9.4. Sony reveals on their blog that there was a "security intrusion" but no mention of a potential loss of data. No warning to consumers is provided
10. April 23rd
10.1. Afternoon
10.1.1. Forensic teams confirm that intruders used
10.1.1.1. "very sophisticated and aggressive techniques to obtain unauthorized access"
10.1.2. and were able to
10.1.2.1. "hide their presence from system administrators"
10.1.2.2. "escalate privileges inside the server."