Sony gets a slap on the wrist for the 2011 Playstation Network hack

Some of you might remember the gigantic hack of Sony’s Playstation Network back in 2011 (which was apparently some form of retaliation soon after Sony announced they would sue PS3 hacker George Hotz). Ars Technica revealed a few days ago that the UK government fined Sony about $395,000 for their poor handling of that massive data leak.

As a reminder for those who didn’t own any PSN Account back then, the personal information of 77 million accounts on Sony’s network had been disclosed, including customers’ name and address, as well as hashed versions of the password. Sony had kept the breach secret for several days, publicly announcing the issue almost one week after it happened. They then took the PSN down for almost 3 weeks in order to fix the issue. Sony’s way of handling the situation has been judged to breach UK’s Data Protection Act according to the government’s experts.

“It is a company that trades on its technical expertise, and there’s no doubt in my mind that they had access to both the technical knowledge and the resources to keep this information safe.”

Sony plans to appeal that decision, saying that the fine is undeserved. Almost as interesting as the piece of news itself are the comments from the community. Many gamers have pointed out that this represents half a cent per account, in other words a slap on the wrist for a company like Sony, and given the impact. On the other hand, Sony’s health was already dramatically impacted at the time by the bad image and the costs involved with the hacks, so one can wonder if UK’s fine is necessary (Sony’s stock value has been divided by 3 since March 2011. Last month, Sony’s stock hit its lowest since 1988)

My opinion back in 2011 was that Sony should not pretend to play in the same league as companies such as Microsoft or Google, if they do not have the security measures that go with it. And I’ll stick with that opinion: it’s one thing to sell TVs and video game consoles, it’s another one to handle online services and people’s wallets. We can hope that Sony have learned that lesson, and spend more time and money in protecting their customers’ personal information than they did back then. (If I were cynical, I’d pretend that if they spent as much effort in securing our information, as they spend preventing people from stealing their intellectual property, this issue would have never happened)

More details on the official Penalty Notice

  1. Sylen7Nato’s avatar

    so im only worth half a cent to sony?…thats half a cent more than i thought id be worth to them…

    Reply

    1. wololo’s avatar

      Ah, no, Sony refuses to pay, so your initial guess was right.

      Reply

    2. Yes’s avatar

      I’m pretty sure that the ID protection they offered afterwards cost more than half a cent.

      Reply

      1. UE’s avatar

        Not per user… Not compared to all those effected.

        Reply

        1. Yes’s avatar

          How do you mean? Everyone who wanted that ID protection could get it (well, it wasnt available in every country worldwide, but still). Everyone also got free PS3 and PSP games, those had a value of more than 50 cent.

          Reply

        2. Yes’s avatar

          I can also mention that there was no evidence that 77 million accounts were compromised. It was just that they couldnt rule it out 100%. But this is just speculation :)

          Reply

    3. David Cameron’s avatar

      You’re worth 0 cents you worthless American. Only the European master race is worth defending.

      Reply

      1. SSJ-Vita’s avatar

        That’s the stupidest thing I’ve ever heard hahaha. You know Most Americans came from Europe right? And there’s no such thing as a master race so stop devolving.

        Reply

    4. xboxtoo’s avatar

      Does anyone realize that Xbox Live has been hacked several times over? No, because for some reason the media only cared about Sony. Not only that, but no one seems to care that hacking in general is a cyber crime. It’s no different than walking into someones house with a simple lock and then stealing everything from the house. It’s still burglary.

      Reply

      1. Acid_Snake’s avatar

        I agree 100% on this, when apple or nintendo f*cks up, nobody cares, when sony f*cks up people get all assed about it and use it as an excuse to download pirated games on their psps/ps3s. I do hate the fact that sony spends so much money on ridiculous security for the vita but doesn’t for psn, but sony’s not the only company to do stupid things, and it’s actually one of the few companies that give out free stuff as a way of saying “sorry”. When a ps3 gets the ylod, ps3 users start hating on sony, I mean, really? I’ve been in xbox360 forums and most people have had at least 5 xboxs, all having the rrod, and they didn’t seem to care. As for otherOS, yes I hate that they removed it, but nobody used it, it was a feature nobody cared about that was making sony loose money, same as ps2 support, those who really want to play ps2 games on the ps3 will get a BC ps3, those who don’t care will get a normal ps3, at least sony gave us that opportunity, I’ve never seen microsoft allowing us to install another OS

        Reply

  2. Electric Penis’s avatar

    I support Sony’s decision. They don’t need to pay any damn fine at all, considering you were all too moronic to keep your PSN accounts secure.

    God damn, you’re all a bunch of regular Dingo-felating jackoffs.

    Reply

    1. UE’s avatar

      ??? You are realizing that the hack was on their servers directly… Not through user errors?

      Reply

    2. hammer’s avatar

      huh? It was sony who got hacked and lost our personal data, the users had no way to keep their psn accounts secure. So I guess we were just too lazy to go back in time and remove our personal. You sir are a gigantic douche

      Reply

    3. David Cameron’s avatar

      Troll more.

      Reply

  3. Yes’s avatar

    I really doubt this hack was a retaliation because of the lawsuit against Geohot. People hacks things all the time trying to get information, i doubt they care much about if the company has done anything or not.

    And to be fair regarding handling people’s wallet, nothing were compromised in that sector.

    I wish there were more information on what exactly happened regarding the actual hack (which exploits that were used etc.). I also wonder how ICO (the UK goverment) came to their conclusion. And in this case, i feel that there is very little focus on the people who actually did the hack. That makes a bit sense since we dont know much about it, but still, they are the reason for that this incident happened.

    Reply

    1. UE’s avatar

      Oh it certainly wasn’t a retaliation attack.

      They never are.

      Reply

      1. Yes’s avatar

        I agree, i dont think this PSN hack is related to the lawsuit against Geohot in any way. I think the PSN hack would have happened even if Geohot didnt get sued.

        Reply

    2. David Cameron’s avatar

      It wasn’t a retaliation attack, but Sony do themselves no favours by disrespecting consumers time and time again.

      Their aggressive stances regarding jailbreaking, hardware ownership and now second hand game ownership is a futile battle against the consumer in order to maximise profits and it that makes them more enemies than friends.

      They set themselves up to be targets, hence this was not the last news worthy hack on Sony, and there will undoubtedly be more attacks to come. If you’re new to hacking, first place you point your LOIC is sony.com or playstation.com.

      Reply

  4. soad26’s avatar

    Sony is the victim here. So they are going to sue the victim? Which is sony? I smell fish in here.

    Reply

    1. Yes’s avatar

      When companies are handling other people’s info, the companies have a responsibility to make sure that this info is as safe as possible.

      This lawsuit is about that ICO (the UK goverment agency) means that Sony didnt do enough to protect this data. I am very curious on what ICO is basing this on, that Sony didnt do enough to protect. It could be true, but i’m still curious what their report says about it.

      The reason why Sony appeals this lawsuit is most likely because they mean that they did enough to prevent such hack, and that it wasnt “lazy security” on their side. The money doesnt really matter much i think, it is more about a question of being guilty or not.

      The PSN hack cost Sony about 180 million dollars or so, and also that it could have given PSN a really bad reputation. Those things on their own is a pretty big punishment in itself, so this $395.000 dollars extra isnt really that important i think.

      But i agree, the focus in this case has been about making Sony the bad guy, and almost ignoring the guys who actually did the hack, at least that is my impression. Of course Sony has their responisbility to make sure that all the PSN data is as secure as possible, but since we dont know anything about the details around how the PSN hack was done, it is hard to say, in my opinion.

      Reply

      1. flash_falcon’s avatar

        “But i agree, the focus in this case has been about making Sony the bad guy, and almost ignoring the guys who actually did the hack, at least that is my impression. Of course Sony has their responisbility to make sure that all the PSN data is as secure as possible, but since we dont know anything about the details around how the PSN hack was done, it is hard to say, in my opinion.”

        +1 – I support your opinion here 100%!!!

        Reply

        1. UE’s avatar

          Sony has been bad, so have the hackers…
          Both are the dodgy party in this issue.

          Reply

    2. Link1565’s avatar

      Well, yes, Sony is the victim.
      But, they are being fined for their poor management of the information that people have entrusted them with.
      I have always believed that Sony’s management of PSN has been extremely poor and these hacks just prove that.

      Reply

      1. soad26’s avatar

        Windows is hacked every day. Apple steals ideas everywhere. No one sues this companies. In my opinion, this is just them milking something to milk.

        Reply

        1. WolfRamiO’s avatar

          dude… apple, samsung and LG have a war like the Tec. World war… read the news they have things in the court on every coutry of the earth.

          Reply

    3. Davee’s avatar

      How are Sony the victim? Passwords unencrypted, with the addition of easily accessible CC information is unacceptable and they deserve every fine thrown at them.

      You’re siding with a company that only give a shit about your security if they are exposed. They are not the victim, we are.

      Reply

      1. David Cameron’s avatar

        This.

        Reply

    1. flash_falcon’s avatar

      Whoops…I messed up that post. The linked item is to the story regarding the woman sued over 24 songs.

      Reply

    2. zoraktorok’s avatar

      Geohot…. still receives credit for all the work that was done… and wants it, er, did… Wonder what the hell hes up to… hopefully atleast wishing he had split the glory up :-)

      Reply

      1. flash_falcon’s avatar

        Credit is definitely there for him, but, I just don’t agree with how he went about things. He really should have kept the keys quiet and just released applications.

        Reply

  5. NinjaKakashi’s avatar

    May I remind you that microsoft xbox had the same security as sony did but hackers decided to hack sony instead of microsoft…

    Reply

  6. Tonakai’s avatar

    I couldn’t help but chuckle when I read that they were fined although as a whole it’s not a laughing matter.

    My details were leaked during this time, and I ended up having approximately £500 stolen from my bank, so I wasn’t happy at all. If I’m not mistaken this was done by Anonymous and if so, their motives are unclear to me. For the most part I agree with their actions and motives, however; leaking thousands of peoples details to the internet is horrendous.

    Either way, I do believe that Sony deserve the fine.

    Reply

    1. Yes’s avatar

      Were any info leaked online from the PSN hack? I know that other Sony related databases were apparently published, but i havnt seen any PSN related stuff being leaked online.

      Reply

  7. Dev’s avatar

    So when Microsoft got hacked and some hackers stole creditcard information, please tell me why they don’t get sued?

    Reply

    1. hammer’s avatar

      I believe the microsoft hacks were individual consoles (hackers got into their accounts,only a few were affected) where as the sony had their servers hacked and all accounts were compromised
      in microsofts case it was probably the users fault by giving out their password to a phising site but in sonys case it was clearly sony at fault

      Reply

  8. kenny2858’s avatar

    You know its going to be an interesting post when wololo posts it.

    Reply

  9. pSnDeaofly’s avatar

    I don’t know why people are getting upset, not even 1 single person has ever reported anything wrong with their account. Those who did were looked into and found to be nothing but a lie. If you just don’t like it, well stop using PlayStation Products. These things happen and I feel Sony has learned there lesson.

    Reply

  10. oreo’s avatar

    I hope this doesn’t tear Sony up…. I bought my Ps3 after this happened (switched from Xbox)

    Reply

  11. Kyu’s avatar

    I only recently became a PSN member,hopefully,my info won’t get stolen (not that a hacker could do much with my acc anyway :lol:)

    Reply

    1. Kyu’s avatar

      Won’t get stolen as in PSN won’t get hacked again :)

      Reply

  12. Rijndael’s avatar

    So if a motherfucker rapes my daughter the government will take her to jail cause she didnt prevent it?

    The uk government should put efforts to caught the hackers instead of doing this kind of shit.

    And im not a fanboy, i dont give a fuck about companies, but punish the victim is not just unfair, is stupid.

    Reply

    1. wololo’s avatar

      First, your metaphor is way out of proportion.

      Second, the victim here is not Sony, the victims are the 77 million customers that got their information stolen. Part of the price you pay when you use the Playstation Network involves security. A company can’t promise they will never get hacked, but there is an implicit guarantee that Sony will do “their best” to protect your information (a bit like a doctor guarantees they will do their best to treat you when you are sick, but cannot guarantee they will actually fix you).
      That definition of “doing their best” is protected by the law in some countries (e.g. the Data act I mention above for the UK), and experts estimate that Sony didn’t do “their best” at the time to protect their customers’ information, hence the fine.

      Reply

      1. Rijndael’s avatar

        Honestly, you think what they are doing is fine?
        Im not protecting sony, i heard they had all the passwords on a txt file and thats fucked up.
        But again, is stupid to punish the victim, even if you say they are not the victim here, a cracker took their security down and stole private info, they lost millions for it.
        Another thing is, something like that happened to microsoft a while ago… they did something about it? NO
        Again, this is just stupid, the uk government should spend the time looking for the crackers instead of doing this kind of things.

        Reply

        1. wololo’s avatar

          Err, the hackers have been arrested a while ago, at least some of them ( http://www.zdnet.com/blog/gadgetreviews/3-alleged-playstation-network-hackers-arrested-in-spain/25498 ). So this is not about that, this is about punishing *all* the people responsible for this issue.
          Think about it another way. If you were putting your money into a bank, and that bank got robbed, wouldn’t you be expecting some form of penalty to be sent to the bank (in addition to the robbers being arrested, *of course*) if it was proven that they had made an obvious mistake, such as leaving a window open?

          Reply

          1. Rijndael’s avatar

            I didn’t knew the crackers were arrested, thanks for the link.
            And if the bank where i have my money gets robbed, id want my money back since im paying for it, i wouldnt really care for what happen to the bank itself, but obviously, i wouldnt trust them again.
            If someone robs my house, and the police tell me its my fault and i need to pay a fine because my door was easy to open, id want to punch them on the face.
            Anyways, our points of sight are very different and this is going nowhere, i respect yours but i dont agree.

          2. gunblade’s avatar

            so sum was from spain thats nice

  13. eighthdayregret’s avatar

    I think everyone should actually be a little relived that Sony only got what amounts to a slap on the wrist.
    Think about it this way: if they’d been sentenced to a gawdawful amount, who do you think they’d start coming after?

    The more heat Sony gets for what happened due to people hacking their consoles, the more heat Sony’s gonna put ON THE PEOPLE HACKING THEIR CONSOLES.

    Be glad the penalty wasn’t stiffer…
    Not that Sony won’t blow this completely outta proportion.

    Reply

    1. wololo’s avatar

      Well, hopefully Sony makes a strong difference between customers who hack their own console, and thieves who break into Sony’s network…

      Reply

      1. eighthdayregret’s avatar

        Agreed. Alot of the people who hack their consoles aren’t trying to be dishonest about it. They just love their little gadgets and want to get the most out of it as possible.
        And, of course, the PSN may not always be an option for PSP owners, so those of us who’ve spent a whole crap-load of money on digital releases and DLC want a way to be able to not lose something we’ve paid for.
        When the PSN went down and I had to reformat my memory stick, I couldn’t use ANY of the stuff I’d paid for until I learned how useful it was to back up your EBOOTs, licenses, and act.dat and that you really didn’t need the PSN or MediaGo at all once you’d installed your media.
        I just kind of wish that Sony knew how much we love these little devices, how little ill will we have toward them, how much we really do want their gadgets to succeed, and the lengths we’re willing to go to get as much out of them as possible.
        Everything that’s been done, whether some may disagree or not, boils down to that.
        It’s the same reason why all these emulators and ROMs for past gaming systems exist at all: these things are part of our lives (and for some, more important than Sony or anyone could ever realize) and we don’t want to lose them.
        All they’d really have to do is look at Prometheus Online or something of the sort with the right set of eyes, and they’d realize that there are alot of people out there who believe in their products more than Sony themselves seem to and are doing everything they can to keep people interested, despite Sony’s best efforts to force us to just call the whole thing a loss and give up.

        If Sony fought half as hard for the quality the PSP and Vita deserve, instead of worrying about all this other bullsh*t, both of the systems would have been, and still would be, doing amazingly well.

        I mean, they’re so focused on the PS3 and screwing over hackers that they’ve totally forgotten that the PSP has outsold the PS3, even though it’s got virtually no online multiplayer, and receives about 1/100th of the support from developers that the PS3 does.

        Reply

  14. gunblade’s avatar

    hopefully or else alot of everyday sony user might get arrested for like downloading n using save games from the internet or sumthing i mean they did have isssues with cheating last i heard …. so on sony end i noticed alot of vita stuff is getting real cheap a back up battery thing cost like almost fity dallers nows its like twenty sumthing even the systhem are getting prety cheap n heard that sony sold like the us building or sumthing so was wandering if sony needed the money or sumthing…

    Reply

  15. James Way’s avatar

    Goood….Gooooood…..Ive been looking into investing in them and if you hit the bottom of the barrel, you can only go up. I don’t see them ever going Sega’s way as they are not just video games, and they are are not just cameras, and they are not just tv or stereos or any one thing, so they’ll bounce back up sooner or later. It’s like Pfizer right back in the 1000s with celebrex and even now with lipitor and a few others. It’s still around.

    Reply

  16. James is a hucklebuck’s avatar

    This is so dumb that sony wouldn’t just come to a settlement to avoid media hype. They already have a crap rep and it just gets worse. I don’t know anyone who supports any sony products at all everyone I know owns SAMSUNG LG or Panasonic items in their homes cars or even accessories. Sony needs to shape up they should start with releasing some real ps vita games because everyone I know who bought a vita returned it to buy a tablet or something else

    Reply

  17. juicer reviews,’s avatar

    This piece of writing is in fact a good one it assists new web people, who are wishing for blogging.

    Reply

Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>