Sony gets inquiry from Congressional subcommittee

Representative Mary Bono Mack (R-CA), chairman of the Subcommittee on Commerce, Manufacturing, and Trade, has issued some pointed questions at Sony's Kaz Hirai, including when they knew of the breach, why they waited to tell users, and why they believe cr

17

The PlayStation Network data theft already attracted the attention of one lawmaker, but now a Congressional subcommittee has entered the fray. The New York Times reports that a letter written by Representative Mary Bono Mack (R-CA), chairman of the Subcommittee on Commerce, Manufacturing, and Trade, questions Sony's knowledge of the data theft and requests a reply by Friday, May 6.

The letter is addressed directly to Sony Executive Deputy President Kazuo Hirai, and asks 13 pointed questions. They include when and how Sony learned about the breach, when law enforcement was notified, how Sony ascertained the number of users affected, why Sony waited to inform users, why the company believes credit card information was not compromised, and what preventive steps are being taken in the future. You can read the letter here (opens as PDF).

For its part, Sony has already addressed some of those questions, issuing a clarification last week. Credit cards seem to be the biggest uncertainty, as Sony has been vague on whether that information was taken.

A rumor circulated last week that a group of hackers was selling up to 2.2 million credit cards through underground message boards, and one hacker even claimed they offered to sell the list back to Sony. The discussion threads regarding selling the numbers openly were verified by multiple security experts, but there was no way to confirm if the list was legitimate. Sony's Patrick Seybold said there was "no truth" to the rumor that Sony had been directly offered to buy them, and he reiterated this point in a new security update today.

Congressional subcommittees are only one legal struggle the company faces, as it's already seeing a class-action suit over the breach. Meanwhile, despite assurances that the Sony Online Entertainment servers were kept separate from the PlayStation Network databases, the company pulled SOE service today. In a statement, the company said it "discovered an issue" with SOE while investigating the PSN breach. An update is expected later today.

In happier news, the company is planning to relaunch at least some PlayStation Network services this week, and has outlined a "Welcome Back" program for customers.

Editor-In-Chief
From The Chatty
  • reply
    May 2, 2011 12:45 PM

    Steve Watts posted a new article, Sony gets inquiry from Congressional subcommittee.

    Representative Mary Bono Mack (R-CA), chairman of the Subcommittee on Commerce, Manufacturing, and Trade, has issued some pointed questions at Sony's Kaz Hirai, including when they knew of the breach, why they waited to tell users, and why they believe cr

    • reply
      May 2, 2011 12:49 PM

      OH YEA, YOU GO CONGRESS!

      It's not like we still have a budget problem or anything...

      Oh. That's right.

      • reply
        May 2, 2011 12:50 PM

        I'm sure the economic implications of 10,000,000 stolen credit cards are nothing to worry about at all.

        • reply
          May 2, 2011 2:17 PM

          Yeah. It's too bad that everything in Congress has to come to a complete stop until this silly Sony business is resolved.

          Oh. That's right.

      • reply
        May 2, 2011 12:51 PM

        really makes you think...... .... ... .. .

      • reply
        May 2, 2011 12:53 PM

        we need to make a filter to remove front pager comments

      • reply
        May 2, 2011 1:03 PM

        perspective, you're missing it

      • reply
        May 2, 2011 1:08 PM

        "chairman of the Subcommittee on Commerce, Manufacturing, and Trade" Yeah, I think she might have a JOB TO INVESTIGATE THIS OCCURENCE.

      • reply
        May 2, 2011 1:13 PM

        I hope the congress would take some time out from working on deficit, budget and whatevers just to invent a device that allows me to punch people on the face over the Internet.

      • reply
        May 2, 2011 1:13 PM

        Are you seriously complaining about some congress critters actually doing their job?

      • reply
        May 2, 2011 1:24 PM

        Not everyone in Congress is in charge of budgets.

      • reply
        May 2, 2011 2:12 PM

        [deleted]

      • reply
        May 2, 2011 4:07 PM

        Perhaps I have come off as a bit overzealous.

        This Sony thing essentially miniscule in the big scheme of things, when a solution to a budget crisis (which still exists btw) is still so far off. I'm glad they avoided a shut down, (cause my dad is in the military, and we enjoy when he gets paid) but something permanent needs to be done and should have been done a long time ago.

        I just feel like they should lock themselves in the capital building and get something done.
        My political opinions did spur my original post, and I probably should have restrained myself. But I meant what I said.

      • reply
        May 2, 2011 4:11 PM

        Oh yea. And the government isn't going to give you your money back, fix your stolen credit cards or do anything for you.

        They may punish Sony. But, I highly doubt that. It's called lobbying.

    • reply
      May 2, 2011 12:51 PM

      March 6th? Well I guess they have a while to hide it all.

    • reply
      May 2, 2011 2:00 PM

      Let's not waste time fixing domestic issues. Let's point fingers at a foreign company and demand they answer to use.

      • reply
        May 2, 2011 2:06 PM

        Where do you people come from? Seriously? This is YOUR INFORMATION that was stolen.

        • reply
          May 2, 2011 9:03 PM

          So let the company make it right. If Sony doesn't learn from their mistakes, then Congress should get involved. In the meantime, they should do their effing job.

      • reply
        May 2, 2011 2:23 PM

        lol

      • reply
        May 2, 2011 2:31 PM

        [deleted]

      • reply
        May 2, 2011 2:36 PM

        you are drinking jarate

      • reply
        May 2, 2011 2:47 PM

        domestic issues...like not having to second guess where i use my credit card?

    • reply
      May 2, 2011 2:41 PM

      There is another side of this is I do find it amazing that Sony is getting all of the shit for this. I mean they didn't accidentally email all of the personal information out or something. Regardless of how lax their security may or may not have been or if they could have handled the situation better (I'm under the opinion that they could have to a great deal) , someone or a group of people still broke into their system and stole data. This part of it never seems to be mentioned.

      • reply
        May 2, 2011 4:17 PM

        Because SONY had a responsibility to its customers. In any other context, most people wouldn't have a problem understanding where responsibility lies. I am responsible for my own child's actions regardless of the fact that I may not have done anything myself. Responsibility is the key word here, and Sony is responsible for their own network. Sony isn't catching shit for being hacked, but rather for the way they handled the situation and the data being stolen.

    • reply
      May 2, 2011 6:34 PM

      LOL... whats really funny is that people Congress calling for answers is about the Theft of Credit Card numbers... smh.

      • reply
        May 2, 2011 7:12 PM

        They're not just "Congress people" but a body specifically formed to look into these kinds of missteps by manufacturers and traders. It's pretty much part of their job to do this, especially in a high-profile case such as this where the offender is such a large and well-known manufacturer Americans are supposed to be able to trust with information.

        Privacy and cyber security is a vital concern in this day and age. Sony is not being singled-out unfairly, but they possibly could be broadcast as an example of a serious and ballooning problem with privacy today if they don't get their ducks in a row soon.

        • reply
          May 2, 2011 9:50 PM

          You really think that Congress looking into is about "customers information" and missteps by Sony. Please. There is a reason Homenland Security and the FBI are investigating this matter. This is about making sure some like this can't and won't happen on larger scale. If a hacker can get into Sony servers who says they can't get in the computers that control the power grid, or large banks etc. This has nothing to do with about missteps made by Sony.

          I said nothing about Sony being singled out unfairly...I was laughing at the very transparent grand standing by the US Congress. Laughing so damn hard that I could not even type straight. They and a lot of people are scared shitless about what happened a week ago. There is a bigger picture that a lot of people are missing and it has nothing to do with Sony. Toyota's screw up actually killed people and they were called in front of Congress and nothing happened. The same is going to happen here absolutely nothing a nice show and a lot of bark but that's all.

          • reply
            May 3, 2011 1:32 PM

            Sure it is.

            As I said, it's a specific part of this subcommittee's duties and they are allowed to exercise that discretion. The reasoning behind it may be complex-- when isn't it in politics-- but the benefits of beginning a public investigations is that they must turn up some results. Seeing as Sony hasn't exactly been forthcoming with answers by either design or happenstance, someone feels the need to seek those answers. That's fine.

            Toyota's "screw-up" tbh is turning out not to be some clear cut case of defects or mismanagement. Hell, the NHTSA are pretty much ready to admit those accidents could just as easily have been caused by driver error. So after all that hoopla, maybe Congress didn't find much because there was nothing much to find?

            I'm not attempting to make excuses for them; I have no love for political bodies. Perhaps it's just a show to prepare for 2012 or some such. But even a show will do more than you or I can to find a resolution.

    • reply
      May 2, 2011 9:05 PM

      [deleted]

    • reply
      May 2, 2011 9:32 PM

      That's insane. One of hackers try to sell customers stolen credit card back to the Sony.

    • reply
      May 2, 2011 10:02 PM

      http://www.qj.net/ps3/news/rumor-psn-outage-due-to-rebug-custom-firmware.html Yes rumor but seriously plausible.... You know there might be a chance that everyone is flipping out for no reason??? That nobodies info went anywhere? It sucks what happened but nobody died so get over it, stop the pointless hating...

      • reply
        May 3, 2011 5:58 AM

        Ah, here you are. I wondered when you'd show up.

        Sony has admitted that customer data on 77 million accounts was stolen. Not just accessed, but downloaded. No, they're not flipping out for no reason. People are concerned for good reason on their logins and hashed passwords, along with emails and their address/names getting leaked.

    • reply
      May 3, 2011 3:49 AM

      This just seems to me like an excuse to dive right into a hot button topic. Unfortunately as online security breach of this magnitude has not been encountered in the past, it was inevitable that questions would be asked.

      I don't see it being any different if it happened with Amazon or XBL.

      Having a bank robbed is one thing because they have insurance to cover damages. Online security breaches however seemed to be uncharted territories, and thus question of insurance have never come up since breaches as such has never happened.

      I can imagine new laws being written regarding some form of insurance.

    • reply
      May 3, 2011 7:46 AM

      could have also been 2.2 million customers who were stupid enough to click an email and give information as well

Hello, Meet Lola