Hacker Behind 2013 Sony Online Entertainment Cyberattacks Gets Two Years in Prison

The hacker behind the 2013 cyberattacks on Daybreak Game Company, then Sony Online Entertainment, is heading to prison for the next 27 months, according to the U.S. Attorney’s Office for the Southern District of California.

Utah resident Austin Thompson pleaded guilty back in November in connection to the attacks, allegedly led by his group, DerpTrolling. Thompson’s official charge was “Damage to a Protected Computer.” Now, he’s finally received his sentence.

Six years after the incident, you probably need a bit of a refresher as to what prosecutors say he did.

DerpTrolling is thought to be behind several attacks that denied users online service for Sony Online games, as well as League of Legends and Dota 2. This kind of attack, called distributed denial of service, or DDoS, often costs gaming companies big bucks.

Thompson succeeded in completely crashing Daybreak’s network to offline, which was especially hard on a company that specializes in online games, including Everquest, Planetside and DC Universe Online.

The hacker also targeted other companies, including EA, Warner Bros and Riot Games.

In January 2014, the DerpTrolling Twitter account put out a tweet saying that federal agents had arrived at their home, forcing them to escape through the bathroom. According to his plea agreement, Thompson was in charge of the Twitter account.

The account was also used to announce the imminent attack on Sony Online, as well as to post screenshots boasting of their success by showing the world that their victims’ servers had been taken down.

In addition to serving his two-year sentence starting on Aug. 23, Thompson also has to pay $95,000 in reparations to Daybreak Game Company.

The attacks came off the heels of an infamous group called Lizard Squad targeting Sony Online, even making a bomb threat that caused a flight carrying its then-president John Smedley to make an emergency landing around Christmastime. Smedley had been facing continued harassment by Lizard Squad on multiple occasions before the bomb threat, as well.

Sony Online really couldn’t catch a break in 2013, but it seems Thompson wasn’t involved in any of these more malicious crimes.

The Lizard Squad members involved in the 2014 bomb threats were convicted. One of the members, Zachary Buchta, was sentenced to three months behind bars in 2018 and had to pay $350,000 in restitution, while the other member, Julius Kivimaki, faced a 2015 conviction with a two-year suspended prison sentence.

Many challenged the sentences, especially that of Kivimaki, as too lenient, including the victim of many of the crimes, Smedley.

DDoS attacks seemed commonplace back in 2013 and 2014, but news about these kinds of incidents seems to be winding down even with gaming looking toward an increasingly digital trajectory. Maybe the silver lining is that these big-name arrests have been curbing the practice.

You can read the news release from the U.S. Attorney’s Office of the Southern District of California on Thompson’s sentencing here.