updated 06:55 pm EDT, Fri April 29, 2011
Congress asks Sony to explain fiasco in detail
The US Congress has written to Sony asking it to provide the full details of the serious data breach that resulted in the PlayStation Network being taken offline. In a letter (PDF) addressed to Kazuo Hirai, chairman of Sony, Congress asks a number of pointed questions about the nature and depth of the attack including how it occurred and how the company plans to mitigate the effects of the breach. The letter from Congress also asks whether Sony will, "offer any credit monitoring or other services to consumers who suffer actual harm as a result of this breach."
While Sony claims that it currently does not have any evidence that customer credit card information was stolen, recent rumors have surfaced suggesting that the hackers who perpetrated the data theft have been attempting to sell a credit card list in underground Web forums. According to the NY Times, the hackers claim to have accessed as many as 2.2 million credit card numbers, although it is unclear whether this could also include the three-digit security code found on the reverse of the card.
Also among the questions asked by Congress, is when Sony actually first became aware of the breack, how it became aware of the breach and why it waited before notifying customers of the breach. Sony has been heavily criticized for the delay between finding the breach and informing customers of the extent of the breach.
Congress wants a reply to its questions by May 6.