Sony to appeal £250,000 fine for hack into PlayStation Network
Sony Computer Entertainment has been fined £250,000 for a hack on its PlayStation Network that compromised the personal details of millions of its users.
Sony PlaySation: Sony fined £250,000 for hack into the network
The decision is being disputed by Sony, which is planning an appeal after "strongly disagreeing" with the ruling by the Information Commissioner’s Office (ICO).
Sony is objecting to the fine, citing that the ICO admitted the hack in 2011 was a determined criminal attack, that there was "no evidence that encrypted payment card details were accessed" and "personal data is unlikely to have been used for fraudulent purposes".
A Sony spokesman said: "Criminal attacks on electronic networks are a real and growing aspect of 21st century life and Sony continually works to strengthen our systems, building in multiple layers of defence and working to make our networks safe, secure and resilient."
The ICO imposed the fine after ruling that Sony breached the Data Protection Act by not putting sufficient safeguards in place to protect users of the Sony PlayStation Network.
Sony was victim to Distributed Denial of Service (DDoS) attacks in April of 2011 that also compromised information including the passwords, names, addresses, email addresses, and dates of birth of PlayStation Network users.
Although there was no evidence encrypted payment card details were accessed, Sony was reprimanded because details including passwords will have been used by people to control other online accounts and services.
The investigation found the attack could have been prevented if Sony had updated its software, while the electronics firm was also guilty of not anticipating an attack on systems, despite being subject to server DDoS attacks before the April 2011 incident.
David Smith, deputy commissioner and director of data protection at ICO, said: "If you are responsible for so many payment card details and log-in details, then keeping that personal data secure has to be your priority.
"In this case, that just didn't happen, and when the database was targeted – albeit in a determined criminal attack – the security measures in place were simply not good enough.
"There's no disguising that this is a business that should have known better. It is a company that trades on its technical expertise, and there's no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe."Follow @mattchapmanuk
This article was first published on marketingmagazine.co.uk
Latest jobs Jobs web feed
- Copywriter fishtank 25k to 40k per year GBP, Marlow, Buckinghamshire
- PR Account Director fishtank 40k to 55k per year GBP, Surrey
- Head of Marketing fishtank 45k to 60k per year GBP, United Kingdom
- Digital Search & Acquisitions Officer Topshop Up to £30,000 per annum + benefits, London
- planner > SHOPPER EVANGELIST > brilliant role for those SUITS looking to move across into PLANNING collectivo £30-40k + bens, London
- Marketing Executive Warner Bros £ Competitive + benefits, Holborn, London
Big Questions Live - Social Media, User Generated Content and the Power of Customer Insight (Webcast) External website
Brand Republic’s first ever online TV show, Big Questions Live wil...
The PR industry’s lack of success at the Cannes Lions festival 201...
Confused by hashtags? Tweetchats? Tweet walls? You’re not alone.Wi...
It’s fair to say we are truly in the age of content marketing, the...
As a nation, the UK is media and technology obsessed with over half of t...
All customers have the potential to become your brand advocates, driving...