Was just reading a little bit about past DDoS attacks and found out this happened to Sony hopefully this isn’t going to happen to Bovada but here some info on what occurred to them
It began with Anonymous, the umbrella-term hacktivist group which had been bombarding Sony’s servers with distributed denial of service (DDOS) attacks. Anonymous had brought PSN to its knees several times in April 2011 in the run-up to the actual privacy breach.
Anonymous was upset with Sony’s “wholly unforgivable” legal actions against PS3 jailbreaker George “Geohot” Hotz. In Anonymous’ eyes, the information Geohot had discovered - how to run pirated games, how to run homebrew software - was now in the public domain, and if anything, Hotz had done Sony a favour by exposing the company’s own loophole.
The group eventually halted its attacks, accepting they were only hurting Sony’s end users: the gamers. But, a couple of weeks later, on 19th April 2011, PSN was hit again. This time, it was different.
Two days passed, then Sony itself quietly pulled PSN offline.
“As you are no doubt aware, the current emergency outage is continuing this afternoon and all Sony Online Network services remain unavailable,” the platform holder informed PSN users on 21st April.
“Our support teams are investigating the cause of the problem, including the possibility of targeted behaviour by an outside party. Our engineers are continuing to work to restore and maintain the services, and we appreciate our customers’ continued support.”
It was the first day of the PSN outage. The network would not come online again for another three weeks, until 14th May.
As the first day wore on, Sony warned customers it might take up to 48 hours before they could log in again.
The following day, Sony confessed - there had been an “external intrusion” and it was now conducting a “thorough investigation to verify the smooth and secure operation of our network services going forward”.
But, so far, there had been no warning anyone’s personal details were at risk. That news would not be confirmed by Sony for another four days.
A week into the outage, and Sony had remained silent on the exact cause. Speculation centred on Sony pulling the plug on PSN to thwart further attempts at its systems. But the updates from Sony itself remained positive, if slightly evasive. Sony engineers were “working around the clock” to restore services, PSN users were repeatedly reassured.
It was the evening of 26th April when Sony finally broke the bad news: the personal details of millions had been compromised.
“Although we are still investigating the details of this incident, we believe that an unauthorised person has obtained the following information that you provided,” Sony admitted.
This meant users’ names, home addresses, email addresses, birth dates, PSN passwords and usernames.
PSN profile data, purchase history and billing address and security question answers were also at risk.
Worse, Sony could “not rule out the possibility” that credit card data had also been stolen.
“If you have provided your credit card data through PlayStation Network, to be on the safe side we are advising you that your credit card number (excluding security code) and expiration date may have been obtained,” Sony concluded. Oops.
When word broke that personal details had indeed been stolen, gamers were understandably incensed. Not only had Sony’s systems failed, the company had taken a full week to make PSN users aware.
For a taste of how we were feeling at the time, Rich wrote this piece on the security side of things, and how hackers had posted chat logs talking of Sony’s outdated security. He deemed the hack “one of the biggest security breaches of the internet age”.
Within hours, an embattled Sony was forced to explain why it had waited so long to tell its customers the extent of the damage.
“There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised,” Sony’s director of communications Patrick Seybold said.
"We learned there was an intrusion 19th April and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident.
“It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.”
PSN users rushed to change their passwords elsewhere - but could not alter their details on PSN itself as the service remained offline.
Within 24 hours, the first class action lawsuit had been filed. Meanwhile, analysts were quick to point out the huge task Sony had ahead of it to regain user trust.
In the days that followed, PSN stayed offline. Anonymous was implicated in the attack, the UK government weighed in and promised an investigation from the Information Commissioner’s Office, and Sony Corporation boss Sir Howard Stringer posted an open letter of apology.
“Dear Friends, I know this has been a frustrating time for all of you,” Stringer wrote. “To date, there is no confirmed evidence any credit card or personal information has been misused, and we continue to monitor the situation closely.”
On 1st May, Sony hosted a press conference in Tokyo to outline the new security measures it was implementing. More apologies were offered, and a “Welcome Back” programme for PSN customers was outlined for when the service resumed.



now if we get two more so help us God