Sony Playstation Network Hack Preventable, UK Authorities Say

Sony was hit with a whopping 250,000 pounds ($396,000) fine by authorities in the United Kingdom for a hack that is deemed preventable.

The April 2011 attack of the Sony Playstation Network could have been avoided, according to the Information Commissioner's Office (ICO). Deputy Commissioner and Director of Data Protection, David Smith reprimanded Sony for not taking the proper measures to protect sensitive data. "If you are responsible for so many payment card details and log-in details, then keeping that personal data secure has to be your priority." said Smith.

The ICO believes that Sony's implemented security measures were just not good enough and makes no apologies for the hefty fine. The cyber-attack on the Playstation Network shut down services for weeks and was the largest ever reported, according to the ICO. The attack is viewed by authorities as a "serious breach of the Data Protection Act" and faults Sony for putting sensitive information at risk. Personal data of over 100 million accounts were breached, including names, addresses, account passwords and credit card information.

On Thursday, the ICO concluded that Sony was at fault and that better security measures should have been applied to protect their network from being compromised. Following the 2011 Playstation Network hack, the President and CEO of Sony, Kazuo Hirai, issued a public apology. Sony revamped their network infrastructure with advanced security measures and requested that users change their passwords. As compensation for being unable to access the Playstation Network for a month, users were offered free games.

"There's no disguising that this is a business that should have known better. It is a company that trades on its technical expertise, and there's no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe." said Smith.

Sony Computer Entertainment Europe plans to appeal the fine and said in a statement, "SCEE notes, however, that the ICO recognizes Sony was the victim of "a focused and determined criminal attack," that "there is no evidence that encrypted payment card details were accessed," and that "personal data is unlikely to have been used for fraudulent purposes" following the attack on the PlayStation Network."

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics