A Congressional subcomittee met today to discuss the breach of the Playstation Network and the response by Sony. While no representatives made an appearance at the hearing, Sony’s Kaz Hirai did pen a letter to explain Sony’s side of the story and it includes a reference to Anonymous.
The House of Representatives’ Committee on Energy and Commerce did not have kind words for Sony with Rep. Mary Bono Mack (R-Calif.) taking the company to task for announcing the intrusion to the Playstation Network via the official Playstation Blog.
“In Sony’s case, company officials first revealed information about the data breach on their blog,” Bono Mack said. “That’s right. A blog. I hate to pile on, but — in essence — Sony put the burden on consumers to ‘search’ for information, instead of accepting the burden of notifying them. If I have anything to do with it, that kind of half-hearted, half-baked response is not going to fly in the future.”
As of now, the Playstation Network is still down two weeks after it was initially attacked on April 19 and shutdown on April 20. Sony calls the attack “a very carefully planned, very professional, highly sophisticated criminal cyber attack” in a letter from CEO Kaz Hirai to Congress. The Playstation Blog also notes that a file was placed on the Sony’s server that references the hacking group “Anonymous” that included their “We are legion” saying. Anonymous previously denied that they were involved with the attack but did not rule out a splinter group being behind the breach.
Hirai explained the six day delay for notifying customers that personal and credit data may have been compromised by stating that it took that long for Sony to determine the extent of the intrusion due to the massive size of the network and the way that the hackers covered their tracks. “By April 25, forensic teams were able to confirm the scope of the personal data they believed had been taken, and could not rule out whether credit card information had been accessed,” Hirai wrote. “On April 26, we notified customers of those facts.”
No credit reporting agency has reported any fraudulent credit card transactions according to Sony but the company is offering “complimentary identity theft protection to U.S. account holder.” It has still yet to determine the identities of the hackers but is working with the FBI and forensic experts to investigate.
As Sony previously stated, Hirai wrote that Sony has beefed up security for the Playstation Network by taking measures such as enhanced data protection and encryption, more firewalls and the hiring of a chief information security officer. The company is also offering a “Welcome Back” program that includes free downloads, 30 days of free membership in the
PlayStation Plus premium subscription service; 30 days of free service for Music Unlimited subscribers; and extending PlayStation Plus and Music Unlimited subscriptions for the number of days services were unavailable.
In a post this past Sunday, Sony reported that it would try to have the Playstation Network up within the week. There has been no update from the company regarding that timeline.
You can read the complete letter here.
Follow us on Facebook or Twitter for the latest news or you can subscribe to our RSS feed or email alerts.