By Peter Ferenczi | Mon May 02, 2011 11:02 am |
The letter asks how the breach occurred, what information was stolen, whether all users or just a subset were affected, whether Sony knows who is responsible, and when the company notified law enforcement about the attack.Sony previously stated that the attack happened on April 19, but it didn't acknowledge it publicly until April 22, reportedly because it wanted time to analyze the breach. The company didn't tell users their data was stolen until April 26, a delay that angered many. The company said that it has no evidence that credit card data was stolen, but that it can't rule it out. The credit card information was supposedly encrypted, which would make it difficult but not necessarily impossible to access. Individuals claiming to have a list of 2.2 million credit card accounts from the breach reportedly surfaced on hacker discussion boards trying to sell the data, but whether they actually had the information hasn't been confirmed. "Given the amount and nature of the personal information known to have been taken, the potential harm that could be caused if credit card information was also taken would be quite significant," the Congressional letter said. The incident is a black eye for Sony and underscores the risk users face when trusting companies with personal data, especially payment information. If the commercial risk of losing customers doesn't compel adequate data protection measures, regulation may step in. The House subcommittee on Commerce, Manufacturing and Trade reportedly expects to introduce data security legislation this year, which could help address the problem. Earlier this year, a marketing company leaked millions of e-mail addresses belonging to customers of many major U.S. retail chains. While that information was less sensitive than Sony's data, it points to a recurring problem that's likely to continue if companies can't tighten security sufficiently. The PlayStation network has around 77 million users. Sony said in a blog posting that parts of the service would be online again this week. On Thursday, PlayStation owners sued Sony for failing to protect customer accounts from the hack.
|
] |
CellReception.com |
CellRisk.com |
Appedia.com |
Tabletedia.com
[ 
] |
iTVedia.com