Sony fined in UK over PlayStation cyberattack

The company pays penalty for having insufficient security measures to prevent the attack on its PlayStation Network that put millions of users' personal information at risk.

LONDON — British regulators fined Sony 250,000 pounds ($396,100) on Thursday for having insufficient security measures to prevent a cyberattack on its PlayStation Network.

The attack in April 2011 targeted credit card information through Sony's PlayStation Network and put millions of users' personal information — including names, addresses, birth dates and account passwords — at risk.

Britain's Information Commissioner's Office said Thursday that security measures in place at the time "were simply not good enough." It said the attack could have been prevented if software had been up to date, while passwords were also not secure.

David Smith, deputy commissioner and director of data protection, acknowledged that the fine for a "serious breach of the Data Protection Act" was "clearly substantial" but said that the office makes "no apologies" for that.

"There's no disguising that this is a business that should have known better," he said in a statement. "It is a company that trades on its technical expertise, and there's no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe."

Smith called the case "one of the most serious ever reported" to the data regulator.

 

MSN News on Facebook and Twitter

Stay up to date on breaking news and current events.

Friend us on Facebook: www.facebook.com/news.msn

Follow us on Twitter: www.twitter.com/msnnews