Sony has been fined a quarter million pounds ($400,00) in the UK by a watchdog, due to its handling of the 2011 hack of its systems that left millions of customers vulnerable. According to the Information Commissioner’s Office this constituted a massive breach of the Data Protection Act that guarantees companies put effective safeguards in place to protect their user's information.
David Smith, director of data protection at the ICO said:
“If you are responsible for so many payment card details and log-in details then keeping that personal data secure has to be your priority. In this case that just didn’t happen, and when the database was targeted – albeit in a determined criminal attack – the security measures in place were simply not good enough.”
“There’s no disguising that this is a business that should have known better. It is a company that trades on its technical expertise, and there’s no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe.”
While this really isn't a large fine for Sony, a company that deals in the millions and billions, it is good to see some sort of impact of the screw up that saw all PS3 customer details made vulnerable through poor server security and data storage practices. The ICO did say that the only good news out of the hack was that a lot more people were wary about giving their information to companies now than they were before.
Were any of you guys hit by the hack? Did it make you more hesitant to give your details out in the future?