Sony fined in UK over PlayStation cyberattack (Update)

January 24, 2013 by Cassandra Vinograd
In this Aug. 19, 2009 file photo, Sony Computer Entertainment Japan President Shawn Layden displays a new PlayStation 3 during a news conference in Tokyo, Japan. Britain's Data Regulator fined Sony 250,000 pounds ($396,100) on Thursday, Jan. 24, 2013 for having insufficient security measures to prevent a 2011 cyberattack on its PlayStation Network. The attack in April 2011 targeted credit card information through Sony's PlayStation Network and put millions of users' personal information - including names, addresses, birth dates and account passwords - at risk. (AP Photo/Itsuo Inouye, File)

British regulators have fined Sony 250,000 pounds ($396,100) for failing to prevent a 2011 cyberattack on its PlayStation Network which put millions of users' personal information—including names, addresses, birth dates and account passwords—at risk.

Britain's Information Commissioner's Office said Thursday that security measures in place at the time "were simply not good enough." It said the attack could have been prevented if software had been up to date, while passwords were also not secure.

David Smith, deputy commissioner and director of data protection, acknowledged that the fine for a "serious breach of the Data Protection Act" was "clearly substantial" but said that the office makes "no apologies" for that.

"There's no disguising that this is a business that should have known better," he said in a statement. "It is a company that trades on its technical expertise, and there's no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe."

Smith called the case "one of the most serious ever reported" to the data regulator.

Sony, which has previously apologized for the data breach, said Thursday it "strongly disagrees" with the ruling and plans to appeal.

David Wilson, a spokesman for Sony Computer Entertainment Europe Ltd., said the company noted that the ICO recognized that Sony was the victim of a criminal attack and that there is no evidence payment card details were accessed.

"Criminal attacks on electronic networks are a real and growing aspect of 21st century life and Sony continually works to strengthen our systems, building in multiple layers of defense and working to make our networks safe, secure and resilient," he said in a statement.

Explore further: Sony says stolen PlayStation credit data encrypted

0 shares

Related Stories

Sony sued over PlayStation Network hack

April 29, 2011

Sony is being sued in US court by gamers irked by news that a hacker cracked PlayStation Network defenses and pilfered data that could potentially be used for fraud or identity theft.

Hackers claim stealing SonyPictures.com passwords

June 2, 2011

Hackers claimed on Thursday to have stolen more than one million passwords, email addresses and other information from SonyPictures.com in the latest cyberattack on the Japanese electronics giant.

Hackers claim new Sony cyberattack

June 3, 2011

Hackers have claimed to have compromised more than one million passwords, email addresses and other information from SonyPictures.com in the latest cyberattack on the Japanese electronics giant.

Recommended for you

Inferring urban travel patterns from cellphone data

August 29, 2016

In making decisions about infrastructure development and resource allocation, city planners rely on models of how people move through their cities, on foot, in cars, and on public transportation. Those models are largely ...

How machine learning can help with voice disorders

August 29, 2016

There's no human instinct more basic than speech, and yet, for many people, talking can be taxing. 1 in 14 working-age Americans suffer from voice disorders that are often associated with abnormal vocal behaviors - some of ...

Apple issues update after cyber weapon captured

August 26, 2016

Apple iPhone owners on Friday were urged to install a quickly released security update after a sophisticated attack on an Emirati dissident exposed vulnerabilities targeted by cyber arms dealers.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.