The Wall Street Journal has an update on recent revelations that Sony Playstation users’ data had been breached.
Sony Corp. apologized Sunday for a security breach at its online videogame service, and said it couldn’t rule out the possibility that credit-card information from 10 million customers might have been compromised. The Japanese electronics company said there is no evidence at this time that the encrypted credit-card data were stolen. However, Sony has said a hacker stole other information about its account holders, including names, addresses, email addresses and birth dates.
At a hastily called news conference Sunday, three Sony executives—including Kazuo Hirai, the head of the videogame and consumer-electronics unit— bowed deeply to apologize for the inconvenience caused to Sony’s customers when the hacker penetrated its PlayStation network database and obtained personal information about the service’s 77 million registered accounts. […]
The briefing in Tokyo was also the first time Sony executives faced questions from the media about the security breach since the company shut down the PlayStation network and Qriocity streaming-video and -music services on April 20 upon discovering the intrusion.
The news conference followed a request by two members of the U.S. Congress for Mr. Hirai to explain when Sony first learned of the breach, why the company waited days to notify its customers and how it intends to prevent similar incidents in the future. Unveiling measures to bolster Sony’s online security, Mr. Hirai said the company decided to wait to inform its customers until it had collected information about what happened. […]
Sony said it is working with law-enforcement agencies to track down and prosecute those responsible for the attack. The company said it is creating the position of chief information security officer to oversee the protection of customer data. In addition, Sony said it will take steps to improve detection of future attacks and increase levels of data protection and encryption.
The company also said it plans to implement additional firewalls, expedite a planned move of the system to a new data center and ask users to change their passwords upon signing onto the PlayStation network.