The U.K.'s Information Commissioner's Office (ICO) had a sad chunk of news for Sony Computer Entertainment Europe, levying a six-figure fine against the company for its role in the 2011 PlayStation Network hack that revealed the personal details of millions of gamers throughout the U.K. and well beyond.
The ICO, citing the Data Protection Act, slapped Sony with a 250,000 pound sterling ($395,550 U.S.) fine for their involvement in the hacking, saying that Sony should have done more to better protect the data under its charge. The ICO further elaborated that, had Sony been using the newest security patches for its software, and been following best practice guidelines for password security, like salting and hashing, then the breach wouldn't have happened in the first place. This is a sentiment reportedly echoed by the analysis of several security specialists.
Just who was ultimately behind the PlayStation Network hack of 2011, that shut down the network for an extended period of time and revealed the personal information of a huge crowd of gamers, is still up for some debate. Sony, not surprisingly, blamed the hacktivist community, especially its poster boy movement, Anonymous. Anonymous, however, was quick to deny involvement in such an affair, though given the highly non-centralized nature of Anonymous as a whole, it's difficult to prove that one way or the next. Given that the data revealed involved things like names, addresses, account passwords and other key identifiers--though by some reports, not credit card information, although it was at risk--it's easy to see why finding the responsible parties was so important to so many.
Image via Shutterstock
The ICO's fine against Sony is not only one of the largest it has ever levied, but also one of the largest it even has the authority to levy in the first place. The ICO's maximum fine is 500,000 pounds sterling, and was more closely approached by a recent incident involving Brighton and Sussex NHS Trust, who sold several hard drives on eBay (News - Alert) that hadn't been properly wiped or destroyed, resulting in information about STD testing and HIV patients being potentially made available.
Sony, for its part, likely won't feel the impact of the fine too much, as they already paid out an estimated $171 million U.S. in fixes and "welcome back" packages extended to disgruntled users, as well as assorted compensation measures to gamers impacted by the breach.
It's easy to look at the ICO's move to fine Sony nearly two years after the incident occurred as a desperate cash-grab on the part of a government organization, but still, it's clear that such incidents need to be prevented in the future. Gamers have every right to expect that the information they leave on hand with Sony, Nintendo, Microsoft (News - Alert), Valve or anyone else will be treated with respect and appropriately protected, especially if the companies require the provision of that information as a necessity to deal with them in the first place.
However, given that the incident itself was nearly two years ago, and nothing further has happened since, it's a safe bet that the PlayStation Network debacle has lit a fire under other companies and given a little extra thought toward data security, a welcome development for all...well...except the hackers, that is.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida. Stay in touch with everything happening at ITEXPO (News - Alert). Follow us on Twitter.
Edited by Brooke Neuman