• Language
  • £
  • Login

Sony fined over 2011 PSN Data Hack

Sony has been fined 250,000 GBP over the PSN Data hack which occurred in April 2011.

According to a report on BBC News, UK authorities said the hack in April 2011 "could have been prevented".

The Information Commissioner's Office (ICO) criticised Sony for not having up-to-date security software, although this has learned it's lesson since and has upped its security quite considerably, with the appointment of a new security expert.

ICO's report said technical developments had led to user passwords not being secure, putting many peoples data at risk.

"If you are responsible for so many payment card details and log-in details then keeping that personal data secure has to be your priority," said David Smith, deputy commissioner and director of data protection at the ICO.

"There's no disguising that this is a business that should have known better and in this case that just didn't happen, and when the database was targeted - albeit in a determined criminal attack - the security measures in place were simply not good enough."

ICO added the fine reflected the severity of the security breach, adding that it was among the most serious it had ever seen.

"There's no disguising that this is a business that should have known better," Mr Smith added.

"It is a company that trades on its technical expertise, and there's no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe."

In response to the fine, Sony has said that it strongly disagrees and is planning to appeal the decision.

"Sony Computer Entertainment Europe strongly disagrees with the ICO's ruling and is planning an appeal."

"SCEE notes, that the ICO recognises Sony was the victim of "a focused and determined criminal attack," that "there is no evidence that encrypted payment card details were accessed, and that personal data is unlikely to have been used for fraudulent purposes following the attack on the PlayStation Network.

"Criminal attacks on electronic networks are a real and growing aspect of 21st century life and Sony continually works to strengthen our systems, building in multiple layers of defence and working to make our networks safe, secure and resilient.

"The reliability of our network services and the security of our consumers information are of the utmost importance to us, and we are appreciative that our network services are used by even more people around the world today than at the time of the criminal attack."

Online security has certainly been a big issue since the attack, with many companies investing to make sure this sort of breach never happens again.

Edited On 24 Jan, 2013

( 18 )
troublemaker's avatar
troublemaker 4 years ago
Hmmm. I like the idea that the fine has been handed down to sony for the breach, but it seems to be more of a fine to show that something was being done publicly. a quarter of a million is hardly bank breaking for Sony. I'm sure Kaz could find that behind his sofa cusions!
0000000000's avatar
0000000000 4 years ago
heavy fine but i bet it wont happen again now!
troublemaker's avatar
I think the best thing that came out of this was that hundreds of online dependent companies, Sony included, jumped and toughened their online security. That can only be a good thing for us consumers.
troublemaker 4 years ago
superniceguy's avatar
It probbaly will not happen again unless you play SOE games in Europe under ProSieben For 9-10 months they were trying to force users to go to ProSieben as they reckon it is "better" but after 10 months of protests they finally let existing players stay with SOE, or go to ProSieben. New players will have to go to ProSieben though. I was trying to get them to state that their security was as strong as SOEs but they never did. From all reports of ProSieben they have weaker security than what SOE had before this breach. This is why myself and many others will not transfer to ProSiebn, and gave SOE major headaches. After the security breach SOE issued security authenticators, but ProSieben do not have this, even though for many months they were supposed to. We did not know until the day Dc Universe Online got the transfer, which was very poor showing. If Sony can not get their own security sorted, then I can not trust them to ensure that ProSiebens security is top notch too. If any breaches occur under ProSieben, then it may be ProSieben getting in trouble, but as far as I am concerned it is Sonys responsibility to ensure their security is as strong as their own, when transferring their customers over, and Sony should get fined too, for SOE games, for not checking security with ProSieben.
superniceguy 4 years ago
DynamiteWhyte's avatar
DynamiteWhyte 4 years ago
Shocking that it has taken this long to fine them. Should have done that much sooner. But agree with troublemaker, it has made online security much better overall.
Pyroloveridge's avatar
Pyroloveridge 4 years ago
now i just wish they would do something about the Xbox gamer tag hacking that's going on under the radar! people getting gamertags comprimised then spent on Fifa ultimate team... took £40 off me took £300 of a friends debit card.
Dead's avatar
Dead 4 years ago
Why can't Sony just admit they were at fault and pay the fine, they are only going to end up losing more money in legal fees when their appeal fails.
PrometheusFan's avatar
PrometheusFan 4 years ago
Good. Victims of criminal acts have had it far too easy for far too long imo.
iMerle iDixon's avatar
iMerle iDixon 4 years ago
Will those actually effected by the hack get any of this? I doubt it.
PrometheusFan's avatar
Last I heard there wasn't a single report of anyone actually being "affected" in any real way by the hack, casting doubt on quite how much(If any) actual sensitive info like Credit Card numbers the hackers were even able to access.
PrometheusFan 4 years ago
Beazi's avatar
Beazi 4 years ago
At least they will have reviewed there systems. I think, being obnoxious to the fact because you have your own operating platform meaning your safe is where Sony fell apart here. If they had realised it could well of occured, they wouldnt be in this position.
Tw33ks's avatar
Tw33ks 4 years ago
I don't see what this will achieve? Yes Sony perhaps deserve to be punished but wasn't having their reputation dragged through the mud enough? Sure their security is stronger now, but they aren't hack proof as no organisation is and what happens when they get hacked again? I mean if someone can steal over 24,000 files from the Pentagon via an online hack there is nothing Sony can do to stop another hack happening. Any security is going to look lax when you have the brightest minds in computing strolling through their online front door as if they found a key under the doormat. I just don't see what this fine will achieve as Sony learned their lesson in 2011.
Anonymous user's avatar
Ben 4 years ago
I think the reason they got hacked in the first place was because a "friendly" hacking group told sony that there security was very poor and they needed to focus on it more. They did not listen and they hacked them to show how weak it was. That is why I think no one was affected. The fine shows Sony and other online businesses that not taking security serious will not be tolerated.
Hymeleon's avatar
Hymeleon 4 years ago
ICO suing Sony. O-M-G

But seriously, how this ICO organization represents all affected users?
James26's avatar
James26 4 years ago
Too bloody right...... But what about those people actually affected by the hacking?!
rick75fowler's avatar
rick75fowler 4 years ago
Hopefully it will never never happen again and all is now safe and secure,I will ever put my card on any console I own now after the Sony hack I just buy the psn wallets from a hop,I think Sony have learned from this now can only get better for the future
Shuy's avatar
Shuy 4 years ago
Sony deserve a bigger fine, bank details were stolen, it's their fault for having a weak security system!
Bhamkeyx's avatar
Bhamkeyx 4 years ago
hopefully the security will be improved, now it is time to put limits on game developers/publishers to only release games if the they are worth the retail price the developers wants, it's unfair for the customers to have games released at a full retail price which will drop significantly in price within a week because the game was horrible.

Please describe the nature of the abuse: