updated 06:16 am EDT, Mon July 15, 2013
ICO states Sony 'should have known better' before securing PlayStation Network
Sony will be paying a fine of £250,000 ($376,000) to a British regulator, over its handling of a data breach. Sony has decided not to appeal the fine from the Information Commissioner's Office (ICO), relating to the PlayStation Network hack in 2011 which saw personal data and payment details for millions of its customers being put at risk.
The original fine, handed to Sony Computer Entertainment Europe in January, was met with resistance from the manufacturer, with Sony "strongly disagreeing" with the ruling and planning to appeal, as it believed the attack was the result of a "focused and determined criminal attack." An update on Twitter by the ICO states that Sony has chosen not to appeal.
"After careful consideration we are withdrawing our appeal," said a Sony spokesperson to V3, continuing "This decision reflects our commitment to protect the confidentiality of our network security from disclosures in the course of the proceeding. We continue to disagree with the decision on the merits."
David Smith, deputy commissioner and director of data protection at the ICO, said "There's no disguising that this is a business that should have known better," that it is a company that "trades on its technical expertise," and that it had access to "both the technical knowledge and the resources to keep this information safe."
In the time since the intrusion, the PlayStation Network's security received some improvements, Kaz Hirai publicly apologized for the lack of protection from attackers, and managed to fend off a class action lawsuit thanks to user agreement clauses.