The Information Commissioner’s Office (ICO) will announce its decision on whether to punish Sony over last year’s significant data breach in the next six weeks, TechWeekEurope has learned.
Deputy commissioner David Smith revealed the body was close to the decision on events last year, which saw the Playstation Network (PSN) and other Sony sites hacked. Over 100 million customers’ data were compromised as a result of all the different compromises.
The ICO told TechWeekEurope it had nothing further to add, except “our enquiries are ongoing at this stage.” The body announced in April last year it was going to investigate the impact of the breach on UK citizens. There are around three million UK registered PlayStation users.
After the PSN was hit, Sony suffered a torrid few months, which saw other sites, including the Sony Pictures website, attacked. Former LulzSec leader Hector Xavier Monsegur, also known as Sabu, pleaded guilty to helping hack the Sony Pictures site, along with a raft of other online services.
Sabu also went after Sony Music thanks to a tip on a vulnerability from a LulzSec supporter. Sony Music Belgium and Sony Music The Netherlands were also targeted, whilst Monsegur revealed a vulnerability found in Sony Music Russia to other members of LulzSec.
In May last year, Sony said the PSN breach was going to cost it at least $171 million. The company was also sued by one of its customers in the US in April last year.
The ICO has faced criticism for not coming down on large private companies hard enough before. When Google escaped a fine after it captured Wi-Fi payload data during its Street View rounds, the ICO said it was down to the fact that Google collected the data before the regulator had been given the ability to fine companies for data breaches. Nevertheless, it still came under fire.
It also took some flak for not issuing a tougher punishment for ACS:Law solicitor Andrew Crossley. ACS:Law was hacked by Anonymous after it sent letters to those believed to be committing copyright infringement, leaking recipients’ details. The ICO said it would have fined Crossley £200,000 but reduced that to £1,000 because he was “of limited means”.
Think you know security? Test yourself with our quiz.
Rights group argues ChatGPT tendency to generate false information on individuals violates GDPR data protection…
European Commission says Apple's iPadOS is 'gatekeeper' due to large number of businesses 'locked in'…
As the cloud continues to be an essential asset for all businesses, developing and maintaining…
Internatinal conference in Vienna calls for controls on AI-powered autonomous weapons to ensure humans remain…
Major Taiwan chip assembly and test firm KYEC to sell Jiangsu subsidiary, exit mainland China…
As deepfake technology continues to blur the lines between reality and deception, businesses and individuals…