Sony data breach stirs global outrage
Ire is mounting the world over after Sony belatedly revealed its online gaming network suffered one of the largest data breaches in history, and has yet to issue a full statement regarding the mater.
The company first pulled the plug on its PlayStation Network on April 19th, but waited a full 7 days to disclose this Tuesday that it was because of a security breach instead of a technical problem.
The delay would have given ample time for hackers to sell or maliciously exploit the data, security experts have contended, and now lawmakers in several countries are taking action.
In the United States, several members of Congress seized on the breach to push for tougher laws protecting personal information. A House of Representatives subcommittee was directed to investigate the hacking incident.
Given the amount and nature of personal information known to have been taken, the potential harm that could be caused if credit card information was also taken would be quite significant., the Commerce, Manufacturing and Trade Subcommittee wrote to Sony.
In Britain a government watchdog has already launched an investigation itself.
Britain's Information Commissioner's Office said it had contacted the company and was investigating whether Sony violated laws that require it to safeguard personal information.
A Sony spokesman has said that after learning of the breach it took several days of forensic investigation before the company knew consumers' data had been compromised.
It's estimated that name, address, country, email address, birthdate, PSN password and login and other details were stolen from approximately 77 million users globally.
Hong Kong Privacy Commissioner Allan Chiang said he was probing the breach and met with local Sony official Katsuhiko Murase who told him 400,000 Hong Kong PlayStation Network user accounts were involved.
Sony issued a fact-sheet on its official blog this week stating that while data was compromised, the credit card information was encrypted.
The fact that encryption was being used on the credit card data is to be welcomed -- as it reduces the chances of stolen information being used for fraud, Graham Cluley, senior technology consultant at Internet security firm Sophos said.
However, there still remains the question about just how strong the encryption is that Sony used.
© Copyright IBTimes 2024. All rights reserved.