Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
Shows & Panels
Sony fined in UK over PlayStation cyberattack
Thursday - 1/24/2013, 6:08am EST
LONDON (AP) - British regulators have fined Sony 250,000 pounds ($396,100) for failing to prevent a 2011 cyberattack on its PlayStation Network which put millions of users' personal information _ including names, addresses, birth dates and account passwords _ at risk.
Britain's Information Commissioner's Office said Thursday that security measures in place at the time "were simply not good enough." It said the attack could have been prevented if software had been up to date, while passwords were also not secure.
David Smith, deputy commissioner and director of data protection, acknowledged that the fine for a "serious breach of the Data Protection Act" was "clearly substantial" but said that the office makes "no apologies" for that.
"There's no disguising that this is a business that should have known better," he said in a statement. "It is a company that trades on its technical expertise, and there's no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe."
Smith called the case "one of the most serious ever reported" to the data regulator.
Sony, which has previously apologized for the data breach, said Thursday it "strongly disagrees" with the ruling and plans to appeal.
David Wilson, a spokesman for Sony Computer Entertainment Europe Ltd., said the company noted that the ICO recognized that Sony was the victim of a criminal attack and that there is no evidence payment card details were accessed.
"Criminal attacks on electronic networks are a real and growing aspect of 21st century life and Sony continually works to strengthen our systems, building in multiple layers of defense and working to make our networks safe, secure and resilient," he said in a statement.
Cassandra Vinograd can be reached at http://twitter.com/CassVinograd
(Copyright 2013 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.)