Sony Computer Entertainment Europe says it will appeal a decision by UK authorities to fine the console manufacturer £250,000 for what has been judged to be a "serious breach" of the Data Protection Act. The Information Commissioner's Office (ICO) says that its investigation has concluded that the attack "could have been prevented if the software had been up-to-date" and has also made mention that passwords to PSN accounts were not secure.
In its official statement, the ICO said,"“the penalty comes after the Sony PlayStation Network Platform was hacked in April 2011, compromising the personal information of millions of customers, including their names, addresses, email addresses, dates of birth and account passwords. Customers’ payment card details were also at risk.” It went on to say that Sony's security measures were simply not good enough.
Sony, however, has released a statement saying that it plans to appeal the fine.
"Sony Computer Entertainment Europe strongly disagrees with the ICO’s ruling and is planning an appeal," it said. "SCEE notes, however, that the ICO recognises Sony was the victim of “a focused and determined criminal attack,” that “there is no evidence that encrypted payment card details were accessed,” and that “personal data is unlikely to have been used for fraudulent purposes” following the attack on the PlayStation Network."
Sony executives, including President and CEO of Sony Corporation Kazuo Hirai, made a public apology for the PSN hack in May 2011