Sony has brought in outside consultants as it tries to find the hackers who were responsible for the possible exposure of personal information from over 100 million users, according to media reports.
Data Forte will work with the F.B.I., to investigate the security breach. In addition, Sony hired Guidance Software and Protiviti, which is a risk assessment firm, Reuters reports. Lawyers from Baker & McKenzie are also helping in the investigation.
This week, Sony said that names, addresses, e-mails, birth dates, phone numbers and other private information from 24.6 million Sony Online Entertainment accounts could have been taken from company servers or from an old database.
Last month, a hacker attack on the PlayStation Network may have caused the stealing of data from 77 million user accounts.
The newer security breach involved Sony Online Entertainment network, PlayStation Network and Qriocity streaming music service, according to a report on TMCnet.
In related news, U.S. Sen. Richard Blumenthal (D-Conn.) said he wants answers from Sony executives about the data breach, which included the “compromising and theft of data from an additional 24.6 million Sony Online Entertainment accounts. Originally Sony had announced that a cyber-attack on their PlayStation accounts had resulted in 50-75 million accounts being compromised including the theft of identifying information like names, birth dates and financial information,” according to a statement from the senator’s office.
“I am deeply concerned about the egregious inadequacy of Sony’s efforts thus far to notify its customers of these breaches or to provide adequate protections for users whose personal and financial information may have been compromised,” Blumenthal wrote in a letter to Sony.
“Sony’s failure to adequately warn its customers about serious security risks is simply unconscionable and unacceptable … The company should do everything in its power to promote transparency and speed notification in order to protect its users against identity theft and financial fraud,” the letter adds.
Blumenthal has asked that U.S. Attorney General Eric Holder investigate the hacking and look into any possible improprieties by Sony.
Another comment was released by U.S. Rep. Edward Markey (D-Mass.), co-chairman of the House Bi-Partisan Privacy Caucus, which said, "Hackers and data thieves shouldn't be able to play 'Grand Theft Info' with millions of addresses, e-mails, and other sensitive information, some of which belongs to children.”
“I am concerned about the risk of identity theft and other crimes that could be caused by the release of this information. Sony needs to explain how this incident occurred, why this information does not appear to have been encrypted and what Sony is doing to fix the problem and help consumers whose data was exposed," Markey added in the statement which was carried on TMCnet.
In related news, McPhadden Samac Tuovi, a law firm based in Canada, is developing a class-action lawsuit against Sony for breach of privacy. The lawyers are seeking over 1 billion U.S. dollars. An earlier lawsuit was filed by the Rothken Law Firm, according to a report from V3.co.ok.
Meanwhile, Sony has written a letter to members of Congress about the data breach in which it answers several questions.
Ed Silverstein is a TMCnet contributor. To read more of his articles, please visit his columnist page.
Edited by Rich Steeves