Sony, Epsilon scolded for ducking probe

Powered by SC Magazine
 

Sony PlayStation Network was unpatched, lacked firewall.

Sony and marketing company Epsilon have been chastised in a US House hearing overnight for shirking a committee hearing on the high-profile breaches which exposed millions of personal records.

Congresswoman Mary Bono Mack said it was “unacceptable” that representatives from the two companies did not front up to questions about how the companies were breached.

Mack said Sony’s decision to notify customers via a corporate blog was a “half-hearted, half-baked” decision.

“Sony put the burden on consumers to search for information instead of accepting the burden of notifying them,” Mack said. “If I have anything to do with it, that kind of half-hearted, half-baked response is not going to fly in the future.”

Mack said while the companies are victims, they must take responsibility for the attacks.

“According to Epsilon, the company did not have time to prepare for our hearing, even though its data breach occurred more than a month ago. Sony, meanwhile, says it’s too busy with its ongoing investigation to appear. Well, what about the millions of American consumers who are still twisting in the wind because of these breaches? They deserve some straight answers, and I am determined to get them.”

US Senator Richard Blumenthal sent a letter to Sony’s Hazai and CEO Jack Tretton attacking the “egregious inadequacy” of Sony’s efforts.

“I am deeply concerned about the egregious inadequacy of Sony’s efforts thus far to notify its customers of these breaches or to provide adequate protections for users whose personal and financial information may have been compromised,” he said. “Sony’s failure to adequately warn its customers about serious security risks is simply unconscionable and unacceptable.”

Sony had blamed the breach of its PlayStation Network - which exposed up to 77 million personal records - on internet activist collective Anonymous. The hacktivist group had previously denied involvement.

Sony consumer chief Kazuo Hazai said in a letter that the company found an Anonymous calling card (PDF) which said “we are legion”, but the company did not elaborate on the validity of the discovery.

SC Magazine Australia has sought confirmation from a liaison from Anonymous.

Dr Gene Spafford of the US-based Purdue University said the servers behind the Sony PlayStation Network were unpatched and did not have a firewall. He said the details were noted in a mailing list months before the breach occurred.

Copyright © SC Magazine, Australia

