Close
Report Comment to a Moderator Our Moderators review all comments for abusive and offensive language, and ensure comments are from Verified Users only.
Please report a comment only if you feel it requires our urgent attention.
I understand, report it. Cancel

US senator questions Sony over PSN breach

Wed 27 Apr 2011 7:36am GMT / 3:36am EDT / 12:36am PDT
PoliticsOnline

Politician demands free legal protection; Sony defends response time

Democrat Senator Richard Blumenthal has written to Sony Computer Entertainment America's Jack Tretton to demand answers over the PlayStation Network security breach.

Blumenthal accuses Sony of failing to notify millions of customers in time and that the incident, "raises concerns of data privacy, identity theft, and other misuse of sensitive personal and financial data, such as names, email addresses, and credit and debit card information."

The Senator, who has previously been involved in campaigning for video game sales restrictions for minors in Connecticut, has called for Sony to provide PSN users with financial data security services - including free access to credit reporting services for two years and identity theft insurance.

It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach.

Nick Caplin, SCEE

The full text of the letter appears on the Senator's website, where he writes of being "troubled by the failure of Sony to immediately notify affected customers of the breach and to extend adequate financial data security protections."

"Although the breach occurred nearly a week ago, Sony has not notified customers of the intrusion, or provided information that is vital to allowing individuals to protect themselves from identity theft, such as informing users whether their personal or financial information may have been compromised. Nor has Sony specified how it intends to protect these consumers," continues the letter.

Sony only confirmed that data theft had occurred yesterday, after six days of no service. According to comments on the European PlayStation Blog, Sony first learned of an intrusion on the network on April 19, at which point it shut down the service.

"We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident," claimed Nick Caplin, head of communications at Sony Computer Entertainment Europe.

"It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly yesterday evening," he added.

8 Comments

Joe Winkler trained retail salesman, Expert

171 4 0.0
That was just a matter of time untill the first lawers would catch up on the sony blame. Sad but comprehensible.

Posted:3 years ago

#1

Andrew Goodchild Studying development, Train2Game

1,253 418 0.3
Whilst I understand they wanted to run damage control, if they suspected even the slightest chance that credit/debit card data was compromised, not letting people know immediately , so customers could cancel cards, was very irresponsible. If the hackers have the card information, they have now had a week to use it. And although if your card details do get stolen beyond your control, banks/card companies are liable for a lot of it, in turn those financial companies arn't going to be happy with Sony if a lot of damage has been done.

Posted:3 years ago

#2

Fran Mulhern , Recruit3D

863 707 0.8
Wouldn't be surprised if this costs Sony hundreds of millions, across various jurisdictions. And perhaps it should do, too - waiting a week to tell people their credit card details may have been stolen is pure negligence.

Posted:3 years ago

#3

Jim Webb Executive Editor/Community Director, E-mpire Ltd. Co.

2,270 2,439 1.1
I'm wondering if the SEC or Attorney General will get involved. The timing between learning of the breach and informing consumers of the potential CC and password theft may place some liability on Sony's shoulders. You just don't wait 7-10 days before telling your consumers that their information could be in danger.

Posted:3 years ago

#4
Any service can be taken offline at any point should they desire too and should the need arise... just google xbox live outage, you'll find some pages, even a page that says day 13, obviously it wasnt about hacks, but still, a payable services can be taken offline at any time, just to make that clear.

I understand Sony at some degree as they were trying to see what damage the hackers did to the network, Sony made a mistake tho by keeping the info from the people so long.

Even with the best security, there is always a workaround, look at it this way:

Unless you have the mona lisa in your living room, you wont secure your house against theft (except locking some doors), when a burglar enters and steals everything, only then will you upgrade your security, this is the position Sony is in, altho 77mil credit card details might be the mona lisa for them, there is no proof what so ever that anything has been stolen as off yet except some details like your address, password (which can quickly be changed) and (Maybe) credit card numbers, which are still worthless without exp date and CVC.

While I partially blame Sony, 90% of the blame should be directed to the hackers, who had no bussiness there in the first place, with or without security, yet no one seems to be angry at them...

People just found a reason to fill their pockets again with lawsuits against Sony, while they havent necessarily done anything wrong, call it human nature, abuse a situation to the fullest.

I wish the best to Sony as I have 100% full faith in them, I too had my creditcard details on PSN and I hope they catch those criminals and put them in jail, this is digital crime and it should be punished...

I will enjoy my Playstation 3 again to the fullest when this mess is over.

Edited 1 times. Last edit by Joffrie Diependaele on 27th April 2011 11:59am

Posted:3 years ago

#5

Rick Lopez Illustrator, Graphic Designer

1,269 942 0.7
Look... if it makes PSN better, safer and more secure, Im all for the outage. After all who wants to share their info personal info on a site that is not secure. I feel they are doing the most responsible thing.

Its like a great game. id rather wait a bit more and have a great game then have them rush it out the door as a mediocre product.

Building and maintaining a network like PSN isnt easy. People can complain about a product they buy, but they dont make it. And if they dont like it. Dont buy it. I think SONY is handling this very well. No i dont like waiting. But I also appreciate being on a secure and stable network.

My anger goes at the hackers. Its sad that a few people who are discontent with SONY have to ruin the expirience for everyone else. I wish SONY the best and when the network is back up, I'll be there.

Edited 1 times. Last edit by Rick Lopez on 27th April 2011 3:43pm

Posted:3 years ago

#6

Colin.J.C. Garstang Intellectual artist

11 0 0.0
Its not like the doors were left open on purpose. Even the mighties castle will fall to a concerted attack....

Posted:3 years ago

#7

Andrew Goodchild Studying development, Train2Game

1,253 418 0.3
@rick "Look... if it makes PSN better, safer and more secure, Im all for the outage. After all who wants to share their info personal info on a site that is not secure. I feel they are doing the most responsible thing. "

You don't think it would have been better had they made the improvements to make it safer and more secure BEFORE they had this happen and they were backed against a wall. Any improvements they make to security weren't unavailable 4 weeks ago, why weren't they used then?

Edited 1 times. Last edit by Andrew Goodchild on 1st May 2011 11:53pm

Posted:3 years ago

#8

Login or register to post

Take part in the GamesIndustry community

Register now