PlayStation Network hacker sentenced to year in prison

Cody Kretsinger, a hacker affiliated with LulzSec, has been sentenced to a yearlong prison term for his involvement in the PlayStation Network outage of 2011. Upon his release, a US District Judge in Los Angeles has also ordered Kretsinger to home detention and 1,000 hours of community service. Kretsinger — known to fellow LulzSec members as "Recursion" — last year pled guilty to taking part in the massive hack.


Update: This article originally indicated Kretsinger was involved in a different Sony breach. He took part in the hack against Sony Pictures Entertainment in June 2011.

Read Full Story >>
The story is too old to be commented.
KingKelloggTheWH2011d ago

Good,crap like that should not be tolerated.

iGAM3R-VIII2011d ago

So all of you guys thin 1 year is acceptable?!?!?!

IMO I think it should be 20+ years

PeaSFor2011d ago Show
Ducky2011d ago (Edited 2011d ago )

Why stop at 20 years?
Let's just give the guy capital punishment for using a simple SQL injection to access data.

It's not like the company has any responsibility of actually keeping their client's data secure.

Also, if some of you aren't reading the article, this guy hacked Sony Pictures (in June), so he was not involved in the PSN hack (April).

cl19832011d ago (Edited 2011d ago )

@ Ducky
Kretsinger — known to fellow LulzSec members as "Recursion" — last year pled guilty to breaching the Sony Pictures site through SQL injection and providing personal customer data to LulzSec.

From what your saying, if someone breaks into a car and hot wires it but someone else drives off then only the driver should be punished.

Ducky2011d ago (Edited 2011d ago )

^ In your analogy, the car owner have reasonably secured themselves against theft.
In the case of the hacks, Sony hadn't done that , and this was an area they improved upon following the attacks.

So yea, Kretsinger is a criminal and deserves punishment for his actions.
If he had to hack his way through difficult security measures, then yea, I'd like to see a longer jail time, but a single SQL injection?
Seems unreasonable to be demanding 10 or 20+ years for that.

DragonKnight2011d ago

@Ducky: Name one impenetrable online service.

2011d ago
Testfire2011d ago

This ruling brought a smile to my face. And yes, 1 year is enough, I think it will be lesson learned.

Ducky2011d ago (Edited 2011d ago )


That's easy. XBL.
har har har

Anyways, the issue is how weak their security was. Nothing is impenetrable provided you use enough force, but in Sony Pictures' case, it required little force to break through.

That's where the leniency probably comes in regarding his sentence.
... but maybe the legislators of N4G know better.

DragonKnight2011d ago

Sony Pictures isn't something anyone but Sony cared about. The issue everyone cared about was PSN. I mean, the Pentagon is bombarded with millions of hacking attempts a day just from China alone. Would they be to blame if one hacker was successful?

Ducky2011d ago (Edited 2011d ago )

^ Well, the article is about Sony Pictures, since that's who the hacker hacked, and why he got the sentence.

... and you're right, probably no-one cared for Sony Pictures, which is why they might've been lax on security.

Not sure what the Pentagon argument is there for. The Pentagon has security good enough to defend itself against all those hackers. If one hacker succeed, then they likely would have to be very skilled or lucky... in either case, no, I wouldn't blame the Pentagon.
In Sony Pictures' case, it was an amateur who used one SQL injection to get data that wasn't even ecnrypted.

MikeMyers2011d ago

Has anyone penetrated Paypal?

shutUpAndTakeMyMoney2011d ago


This must make u super happy?

"Allegedly, SuperDaE could be looking at 20+ years in prison with a possible consecutive life sentence if convicted."

Life for leaking xbox 730 info... smh..

SilentNegotiator2011d ago (Edited 2011d ago )

"Why stop at 20 years?
Let's just give the guy capital punishment for using a simple SQL injection to access data.
It's not like the company has any responsibility of actually keeping their client's data secure" a person that steals a TV from a home without a locked door should get a lighter sentence than someone that picks a locked door to steal? You're pulling the burden for the crime away from the criminal?

Talk about "n4g legislators", how many accounts does it take to get yourself to 7 bubbles?

Ducky2011d ago (Edited 2011d ago )

^ It would be helpful if people actually used analogies that are actually relevant.

An SQL attack is not like robbing a car or breaking into a house. It is a common tactic that most big sites should be prepared to defend themselves against since SQL attacks occur regularly... unlike theft attempts to a house/car.

I see it more like a soda can machine that gets abused regularly by passer-bys as they hope to get a free drink. If someone bangs the machine on the side and gets a free drink, that's a crime. If someone breaks the machine's lock, opens it up and grabs a drink that way, that's a more severe crime.

The machine can not be impenetrable, but you expect the manufacturer to have anticipated that it would get banged every now and then, and take necessary measured to secure itself against that.

Similarly, what Kretsinger did was something that Sony Pictures should've anticipated
... and that's why I'm guessing the sentence was smaller.

As for my bubble count. No, I don't have any multiple accounts and quite frankly, who gives a damn? If my argument makes sense, it makes sense, if it doesn't, it doesn't. If you agree, you agree, and if you disagree, then just post a counter argument.

GrandTheftZamboni2011d ago

You guys are too harsh. With such name he was destined not to have social life.

lilbrat232010d ago

I was thinking more of 5 to 10yrs with fines of at least 200,000 :-)

HiddenMission2010d ago

@ Ducky

It doesn't matter about how advanced the security it's about how bad the crime was.

Here is an analogy for you...should a bank robber get a smaller sentence just because the bank only had one security guard versus a longer one if the bank employed many.

Stealing customer data like a credit card or social can do more damage to a persons life than almost anything. Some cases fighting credit fraud can take years if the individual doesn't have credit monitoring. When they don't they have to go to court...that cost you think the criminal is going to pay for those costs.

All the time we see criminals get easy sentences for what some think to be petty or non-life threatening crimes. In all reality a crime is a crime and if the act could potentially do major damage to your life then yes 1 year not enough in this case.

Ducky2010d ago (Edited 2010d ago )

^ The crime escalates with security though.
Suppose you have accounts at two banks, and both unfortunately got robbed.
Bank 1 had a well equipped security team and a heavy duty safe. The thief neutralized all the guards and blasted through the safe and took off with the money.
Bank 2 had one security guard, and no safe, which the thief took care of easily.

Would you expect both criminals to get the same sentence?
Would you be sympathetic to both banks?

Consider this, the reason Kretsinger got caught was that he went public and bragged about his 'achievements'. Had he stayed quiet, he still would have all that personal information. Had he wanted, he could've quietly sold that information.

Considering how he was only an amateur who used one SQL injection and the data wasn't even encrypted, it's not out of the question that someone else beforehand hadn't already quietly hacked the system and stole identities.

Identity theft is a serious crime, but you have to realize some blame goes to the corporation that is supposed to be protecting your information, but skimps on the security.

nukeitall2010d ago (Edited 2010d ago )

It's ridiculous that after almost a decade after SQL injection attack was discovered, that a major company like Sony be vulnerable to such a simple attach.

For over half a decade, SQL injection attacks are subverted directly in the programming language by using prepared statements.

It's a basic thing for any programmer, like 1+1=2 is to math.


I completely agree with you. Even though you own a gun, and it can be taken from you from your own home, it doesn't mean you should be careless with the weapon!

greatcrusader442010d ago (Edited 2010d ago )

Jesus, people are rough. Do people realize how long a year in prison is? Yeah this guy did something illegal but wanting him to get 10-20 yrs are assholes, that's pretty much ruining his entire life.

You only have one life, a yr of prison time should be enough for the charge, it'll hopefully teach him to spend his spare time wisely. If he goes straight back to it ans gets caught again, sure a longer jail time but as a first offense anything over a year would be overkill.

+ Show (19) more repliesLast reply 2010d ago
ziggurcat2011d ago

should have been a stiffer punishment, quite frankly.

Minato-Namikaze2011d ago

he'll get one on prison, lol

T22010d ago (Edited 2010d ago )

@ ducky - your argument is terrible and completely wrong. The only difference between banging said soda machines and breaking the lock are that breaking it is a different crime. Stealing the soda is still theft in both cases , period.
its like saying a person who has a gun in the house is asking to get shot with it. Stealing other peoples id is id theft period. If I left my credit card at your freakin house and you used it id still f u up ... According to you itd be my fault for not securing it ...

GetSnooked2011d ago

That's what she said!! Haahahaa...

KwietStorm2011d ago

And now we await all the minions who didn't learn shit, to retaliate by hacking again.

Septic2010d ago

I hope you're joking.

The mob on here haven't failed to show their complete disconnect with things like reason, understanding and equity.

Oh_Yeah2010d ago (Edited 2010d ago )

This guy shouldn't have gotten any time. Smh, he did Sony a favor by showing them their fraudulent reports were filed from the hack. Now if a real criminal got up in there that would have been different but this guy, he was just testing his skills. Sony should have offered him a job same goes for Geohotz because obviously they're a bit more knowledgeable than some of Sonys personel.

Knight_Crawler2010d ago (Edited 2010d ago )

Ultimate hacker punishment would be to cut all his fingers off.

This guy is probably laughing at 1 year and will use the prison time to look for noobs for his Legion of Hackers club.

Lone_Man2010d ago

@iGAM3R-VIII thank god you are not a judge

HiddenMission2010d ago

I guess you don't understand that credit fraud against one person can some times take years to depending on how many peoples credit information yeah more time in prison is better than a year.

In a way I think we should take the practice used over in the middle east where the crime matches the punishment...steal you get your hand cut this case you cut some fingers off.

He won't be pulling that shit again even if he wants to.

Sucitta2010d ago

you sloths realize child molesters get less time then this?

+ Show (7) more repliesLast reply 2010d ago
cl19832011d ago

They should of gave him 10 years in prison with no time off.

Irishguy952011d ago (Edited 2011d ago )

10 Years? For hacking? Are you serious? Did he kill someone or something?

Yes cleft down below...because Hacking a website = Threatening someones life

Jesus...the ignorance on this website grows day by day

Edit-- Yeah Kneon but being stupid is nothing in comparison to pulling a knife on someone for 50 cent

kneon2011d ago

Hacking isn't a crime of need, it's not a crime of passion, it's a crime of stupidity, and I have little tolerance for stupidity.

Ducky2011d ago (Edited 2011d ago )

^ It is a crime of passion.
Most hackers enjoy the challenge that comes with having to find exploits in a system's security.

I like to have fun with words.

DragonKnight2011d ago

@Ducky: You don't know what a crime of passion is do you?

Lone_Man2010d ago (Edited 2010d ago )


dangert122011d ago

I was as pissed as anyone when PSN went down, i brought SOCOM 4!!!!!!!!!!

But this is too harsh plain and simple. I agree with the community service heck throw on another 1000 hours. but taking his freedom...while the US Gov keep up there fraudulant terror attacts after now 911, then batman.then the school now boston...and what time are the gov doing?

GalacticEmpire2011d ago

He broke into a secure server that may have contained personal information on millions of customers and possibly even credit card info.

A year seems fair to me, bearing in mind he'll probably be out in less than that with 'good behaviour'...

...If he doesn't get shanked by a Playstation fanboy inmate lol.

xHeavYx2011d ago

@Dangert, go home my friend, you are drunk

Skips2011d ago (Edited 2011d ago )

"...If he doesn't get shanked by a Playstation fanboy inmate lol."

LMAO. I just couldn't help but imagine that a few times. XD

JoGam2011d ago (Edited 2011d ago )

I hear you but these are the facts.....Fact 1. Hacking in to a company is a crime plan and simple and this guy was found guilty so he must pay the piper. As for the US gov doing what you claim....FACT 2. NEED PROOF. Without that, its just accusations. No one went to Jail or did time just for accusations.

cpayne932011d ago

9/11 and the school shooting admittedly have some interesting evidence and videos to back them up. The batman shooting and the boston bombing though? Not sure where that is coming from. You can't blame every incident on the government.

JoGam2011d ago (Edited 2011d ago )

Those aren't evidence. Those are just theories. For example...Evidence would be parts from the plane that crashed in to the towers on 911. Theories would be possible reasons why and how. Evidence are facts.

Klonopin2010d ago

Can i play conspiracy theory too?

KwietStorm2011d ago (Edited 2011d ago )

You're all over the place, man, and it just comes off as another "Screw the government" rant. Yea the politicians got issues, but what does that have to do with the actions of this one particular dummy? He made his bed. Now he's got to sleep in it with Bubba. Hacks for jokes is one thing. This guy, along with others like him, stole personal information and provided it to a conglomerate of clowns. If you've ever had to deal with identity theft, a year punishment might sound like a slap on the wrist for this guy.

HiddenMission2010d ago

Exactly a year not enough since it doesn't match the crime.

joeorc2010d ago

he really did not get off light!, but on the same token the plea bargin was fair. you do know recent law's were passed to have a mandatory three year's in hacking networked computer systems. he was able to plea bargin this down to one year in jail, and also another year home detainment with 1000 hours of community service. with a fine of $600,000. and most likely a bar from using networked computer systems for no less than 5 year's.

+ Show (2) more repliesLast reply 2010d ago
Prcko2011d ago (Edited 2011d ago )

5 years minimum,1 year is 2 low for this type of crime

haymoza2011d ago

Now he can get his butt hacked.

ZoyosJD2010d ago

Eye for an eye.

Tooth for a tooth.

Backdoor SQL injection for a...well...backdoor injection.

Sounds like reasonable punishment.