Sony fined $400K for PSN breach in the UK

GAME JOBS

updates

Blogs

events

contractors

newsletter

store


	View All Post RSS

	May 25, 2013


		Beer and Diversity

		Selling Games

		Want To Help Stop Youth Cyberbullying? Let Your Kids Raid More.

		Tenets of Videodreams, Part 1: Exploration [2]

		We're Indie, we like Microsoft. Too Controversial? [38]


	View All Post a Job RSS

	May 25, 2013

		Treyarch / Activision Technical Animator

		Treyarch / Activision Game Systems Designer

		Infinity Ward / Activision Senior Tools Engineer

		Airtight Games Environment Artist

		App Minis LLC Senior Unity Game Programmer

		Gameloft Game Designer


	View All RSS

	May 25, 2013


		12 Million Downloads after 1 Year in the AppStore

		Global Games Market Grows 6% to $70.4bn in 2013

		Sharpen Your Battle Axes and Prepare to Pillage!...

		Active Soccer - Indiegogo campaign

		Fashion Party Dress Up Press Release


		Editor-In-Chief: Kris Graft
		Blog Director: Christian Nutt
		Senior Contributing Editor: Brandon Sheffield
		News Editors: Mike Rose, Kris Ligman
		Editors-At-Large: Leigh Alexander, Chris Morris
		Advertising: Jennifer Sulik
		Recruitment: Gina Gross
		Education: Gillian Crowley

	Contact Gamasutra

	Report a Problem

	Submit News

	Comment Guidelines

Sony fined $400K for PSN breach in the UK

January 24, 2013 | By Mike Rose

2 comments

More: Console/PC, Business/Marketing

The Information Commissioner's Office, a UK public body that deals with the Data Protection Act, has presented Sony with a £250,000 ($395,775) fine for the PlayStation Network outage that occurred in 2011.

Sony admitted at that time that hackers had managed to compromise information from millions of users on the PlayStation Network including postal addresses and email addresses, while payment card details were also at risk.

The ICO, which reports directly to Parliament in the UK, has now concluded that the attack could have been prevented if Sony's software had been up to date, noting that passwords were not secure at all.

David Smith, deputy commissioner and director of Data Protection in the UK, added, "If you are responsible for so many payment card details and log-in details then keeping that personal data secure has to be your priority."

"In this case that just didn't happen, and when the database was targeted - albeit in a determined criminal attack - the security measures in place were simply not good enough."

He went on to say that the PSN breach was "one of the most serious ever reported to us," noting that the event put a huge number of people at the risk of identity theft.

In a statement to the Telegraph, Sony responded to the fine stating that it disagrees with the ruling, and is planning to appeal the decision.

"SCEE notes, however, that the ICO recognises Sony was the victim of 'a focused and determined criminal attack,' that 'there is no evidence that encrypted payment card details were accessed,' and that 'personal data is unlikely to have been used for fraudulent purposes' following the attack on the PlayStation Network," the statement adds.