Sony responds to Congress

by: Jeremy -
Earlier today, Sony publicly revealed Kaz Hirai’s written response to the Subcommittee on Commerce, Manufacturing, and Trade of the U.S. House of Representatives Committee on Energy and Commerce. The letter was in response to questions posed by the Committee for the current congressional hearing regarding “The Threat of Data Theft to American Consumers”.

You can read Kaz’s full letter below if you are interested but the letter can be summarized as follows:

Sony dealt with the current cyber attack with a focus on 4 primary principles:
  • act with care and caution
  • provide relevant information to the public when it has been verified
  • take responsibility for their obligations to their customers
  • work with law enforcement authorites
The Committee was also informed of the following points:
  • Sony has been the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack.
  • "We discovered that the intruders had planted a file on one of our Sony Online Entertainment servers named “Anonymous” with the words “We are Legion.”"
  • By April 25, forensic teams were able to confirm the scope of the personal data they believed had been taken, and could not rule out whether credit card information had been accessed. On April 26, we notified customers of those facts.
  • As of today, the major credit card companies have not reported any fraudulent transactions that they believe are the direct result of this cyber attack.
  • Protecting individuals’ personal data is the highest priority and ensuring that the Internet can be made secure for commerce is also essential. Worldwide, countries and businesses will have to come together to ensure the safety of commerce over the Internet and find ways to combat cybercrime and cyber terrorism.
  • We are taking a number of steps to prevent future breaches, including enhanced levels of data protection and encryption; enhanced ability to detect software intrusions, unauthorized access and unusual activity patterns; additional firewalls; establishment of a new data center in an undisclosed location with increased security; and the naming of a new Chief Information Security Officer.
Sony also outlined its intentions with the “Welcome Back” program and stated that the following would be included for all PSN members:
  • complimentary identity theft protection to U.S. account holders
  • free downloads
  • 30 days of free membership in the PlayStation Plus premium subscription service
  • 30 days of free service for Music Unlimited subscribers
  • extending PlayStation Plus and Music Unlimited subscriptions for the number of days services were unavailable

I am not sure what else Sony can do at this point to calm the masses as they appear, at least in my book, to be doing everything in their power to address the issue at hand. Everyone complains about the fact that they “can’t get online and play games”, but think about the effects that are being felt at Sony and its industry partners who have been effected by the outage. Numerous companies are starting to feel the ripple effect(s) of the outage and their damages far exceed what 99.9% of PSN users are experiencing. There is a very small percentage of the user base that has been or may be impacted financially due to the the loss of financial information and I really feel bad for those individuals. Unless you are one of the 900 accounts (of the estimated 111,000,000 included in Sony’s online services), you should really consider calming down and let them fix this debacle...

comments powered by Disqus