Just when Sony executives thought they had finally put the infamous PSN security breach of 2011 (which took down PSN for an entire month) behind them, they receive a fine from the UK government for its failure to prevent the incident from happening.
The £250,000 fine was issued by the Information Commissioner's Office, stating Sony’s poor security put about 77 million customers at risk of identity theft, thus violating what is called the Data Protection Act.
ICO (huh, those are some ironic initials) deputy commissioner and director of data protection, David Smith said that while ICO recognizes Sony’s database was the victim of a criminal attack, it believes Sony didn’t do enough to protect the personal information of PSN users.
"There's no disguising that this is a business that should have known better. It is a company that trades on its technical expertise, and there's no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe.”
According to the BBC’s Steph McGovern
, Sony Computer Entertainment Europe plans to appeal ICO’s ruling.
Sure Sony was the victim of hackers but the company also should have implemented stronger security long-before the attack even took place. So the company should just pay the fine and avoid any further negative press. Besides, £250,000 isn’t exactly that large of a fine in retrospect, as it is being filed against an entertainment industry giant after all.