Sony gets inquiry from Congressional subcommittee
Representative Mary Bono Mack (R-CA), chairman of the Subcommittee on Commerce, Manufacturing, and Trade, has issued some pointed questions at Sony's Kaz Hirai, including when they knew of the breach, why they waited to tell users, and why they believe cr
The PlayStation Network data theft already attracted the attention of one lawmaker, but now a Congressional subcommittee has entered the fray. The New York Times reports that a letter written by Representative Mary Bono Mack (R-CA), chairman of the Subcommittee on Commerce, Manufacturing, and Trade, questions Sony's knowledge of the data theft and requests a reply by Friday, May 6.
The letter is addressed directly to Sony Executive Deputy President Kazuo Hirai, and asks 13 pointed questions. They include when and how Sony learned about the breach, when law enforcement was notified, how Sony ascertained the number of users affected, why Sony waited to inform users, why the company believes credit card information was not compromised, and what preventive steps are being taken in the future. You can read the letter here (opens as PDF).
For its part, Sony has already addressed some of those questions, issuing a clarification last week. Credit cards seem to be the biggest uncertainty, as Sony has been vague on whether that information was taken.
A rumor circulated last week that a group of hackers was selling up to 2.2 million credit cards through underground message boards, and one hacker even claimed they offered to sell the list back to Sony. The discussion threads regarding selling the numbers openly were verified by multiple security experts, but there was no way to confirm if the list was legitimate. Sony's Patrick Seybold said there was "no truth" to the rumor that Sony had been directly offered to buy them, and he reiterated this point in a new security update today.
Congressional subcommittees are only one legal struggle the company faces, as it's already seeing a class-action suit over the breach. Meanwhile, despite assurances that the Sony Online Entertainment servers were kept separate from the PlayStation Network databases, the company pulled SOE service today. In a statement, the company said it "discovered an issue" with SOE while investigating the PSN breach. An update is expected later today.
In happier news, the company is planning to relaunch at least some PlayStation Network services this week, and has outlined a "Welcome Back" program for customers.
-
Shacknews
replySteve Watts posted a new article, Sony gets inquiry from Congressional subcommittee.
Representative Mary Bono Mack (R-CA), chairman of the Subcommittee on Commerce, Manufacturing, and Trade, has issued some pointed questions at Sony's Kaz Hirai, including when they knew of the breach, why they waited to tell users, and why they believe cr-
-
-
Yeah. It's too bad that everything in Congress has to come to a complete stop until this silly Sony business is resolved.
Oh. That's right.
-
-
we need to make a filter to remove front pager comments
-
-
[deleted]
-
-
perspective, you're missing it
-
Not everyone in Congress is in charge of budgets.
-
[deleted]
-
Perhaps I have come off as a bit overzealous.
This Sony thing essentially miniscule in the big scheme of things, when a solution to a budget crisis (which still exists btw) is still so far off. I'm glad they avoided a shut down, (cause my dad is in the military, and we enjoy when he gets paid) but something permanent needs to be done and should have been done a long time ago.
I just feel like they should lock themselves in the capital building and get something done.
My political opinions did spur my original post, and I probably should have restrained myself. But I meant what I said. -
-
[deleted]
-
-
-
-
It's May 6. This has been corrected.
-
[deleted]
-
-
-
-
-
[deleted]
-
-
There is another side of this is I do find it amazing that Sony is getting all of the shit for this. I mean they didn't accidentally email all of the personal information out or something. Regardless of how lax their security may or may not have been or if they could have handled the situation better (I'm under the opinion that they could have to a great deal) , someone or a group of people still broke into their system and stole data. This part of it never seems to be mentioned.
-
Because SONY had a responsibility to its customers. In any other context, most people wouldn't have a problem understanding where responsibility lies. I am responsible for my own child's actions regardless of the fact that I may not have done anything myself. Responsibility is the key word here, and Sony is responsible for their own network. Sony isn't catching shit for being hacked, but rather for the way they handled the situation and the data being stolen.
-
-
LOL... whats really funny is that people Congress calling for answers is about the Theft of Credit Card numbers... smh.
-
They're not just "Congress people" but a body specifically formed to look into these kinds of missteps by manufacturers and traders. It's pretty much part of their job to do this, especially in a high-profile case such as this where the offender is such a large and well-known manufacturer Americans are supposed to be able to trust with information.
Privacy and cyber security is a vital concern in this day and age. Sony is not being singled-out unfairly, but they possibly could be broadcast as an example of a serious and ballooning problem with privacy today if they don't get their ducks in a row soon.-
You really think that Congress looking into is about "customers information" and missteps by Sony. Please. There is a reason Homenland Security and the FBI are investigating this matter. This is about making sure some like this can't and won't happen on larger scale. If a hacker can get into Sony servers who says they can't get in the computers that control the power grid, or large banks etc. This has nothing to do with about missteps made by Sony.
I said nothing about Sony being singled out unfairly...I was laughing at the very transparent grand standing by the US Congress. Laughing so damn hard that I could not even type straight. They and a lot of people are scared shitless about what happened a week ago. There is a bigger picture that a lot of people are missing and it has nothing to do with Sony. Toyota's screw up actually killed people and they were called in front of Congress and nothing happened. The same is going to happen here absolutely nothing a nice show and a lot of bark but that's all.
-
Sure it is.
As I said, it's a specific part of this subcommittee's duties and they are allowed to exercise that discretion. The reasoning behind it may be complex-- when isn't it in politics-- but the benefits of beginning a public investigations is that they must turn up some results. Seeing as Sony hasn't exactly been forthcoming with answers by either design or happenstance, someone feels the need to seek those answers. That's fine.
Toyota's "screw-up" tbh is turning out not to be some clear cut case of defects or mismanagement. Hell, the NHTSA are pretty much ready to admit those accidents could just as easily have been caused by driver error. So after all that hoopla, maybe Congress didn't find much because there was nothing much to find?
I'm not attempting to make excuses for them; I have no love for political bodies. Perhaps it's just a show to prepare for 2012 or some such. But even a show will do more than you or I can to find a resolution.
-
-
-
-
[deleted]
-
That's insane. One of hackers try to sell customers stolen credit card back to the Sony.
-
http://www.qj.net/ps3/news/rumor-psn-outage-due-to-rebug-custom-firmware.html Yes rumor but seriously plausible.... You know there might be a chance that everyone is flipping out for no reason??? That nobodies info went anywhere? It sucks what happened but nobody died so get over it, stop the pointless hating...
-
Ah, here you are. I wondered when you'd show up.
Sony has admitted that customer data on 77 million accounts was stolen. Not just accessed, but downloaded. No, they're not flipping out for no reason. People are concerned for good reason on their logins and hashed passwords, along with emails and their address/names getting leaked.
-
-
This just seems to me like an excuse to dive right into a hot button topic. Unfortunately as online security breach of this magnitude has not been encountered in the past, it was inevitable that questions would be asked.
I don't see it being any different if it happened with Amazon or XBL.
Having a bank robbed is one thing because they have insurance to cover damages. Online security breaches however seemed to be uncharted territories, and thus question of insurance have never come up since breaches as such has never happened.
I can imagine new laws being written regarding some form of insurance. -
could have also been 2.2 million customers who were stupid enough to click an email and give information as well
-
