Sony has received a slap on the wrist for its 2011 PlayStation Network security breach. A U.K. Based watchdog group called Information Commissioner’s Office, ironically abbreviated as ICO, has hit the Japanese electronics giant with a £250,000 (approx. $400,000 USD) fine.
While pocket change for the electronics conglomerate, the fine is still the third largest ever handed out by the commission. Deputy Commissioner David Smith puts the blame on Sony’s doorstep, claiming that they should have known better
“There’s no disguising that this is a business that should have known better. It is a company that trades on its technical expertise, and there’s no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe.”
In April 2011, hackers attacked the PlayStation Network and unearthed over 77 million account names, password, and email addresses, one of the largest data security breaches in history. With no other option, Sony was forced to shut down the PlayStation Network after three days of being unable to control the spread on April 20th. The shutdown lasted 24 days.
A similar attack also occurred the following month, exposing 25 million other accounts.
Sony received a lot of criticism for how poorly coded all of their information was, especially by the hackers themselves. All of the information was reportedly “right there” once the hackers gained access, and they claimed a point needed to be made that such a large corporation needs to do better. For the most part, the ICO and Smith agreed.
“If you are responsible for so many payment card details and log-in details then keeping that personal data secure has to be your priority. In this case that just didn’t happen, and when the database was targeted – albeit in a determined criminal attack – the security measures in place were simply not good enough.”
Sony is planning an appeal of the fine, and they have until Feb. 13th to pay it reduced by 20 percent. Sony’s massive apology tour, heard especially through the halls of E3 that year, was a kind gesture, and they have done a great job fixing their image. I would think that the fine would be a small price to pay rather than to let the past drag out even longer.