Sony has defended the length of time it took to disclose the massive data breach that left the personal details of up to 77 million customers in the hands of data thieves.
The Japanese gaming giant last night admitted that an ongoing outage on the PlayStation Network was down to a massive system breach, but the company sparked fury for delaying the announcement for a week.
Sony says the delay - following the intrusion between 17 April and 19 April - was necessary to give the company time to investigate the scale of the theft and to assess what information had been targeted.
“We learned there was an intrusion [on] 19 April and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident,” Patrick Seybold, corporate communications and social media director, said on the PlayStation blog.
“It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.”
However, Sony's tone did little to placate consumers, who felt they should have been alerted sooner – especially given that credit card details may have been compromised.
“Five days to come to the conclusion that credit-card data might have been compromised seems about four days too long,” posted Ratchet426 on the website.
“If there was enough of a perceived breach to shut the entire service down on the 19th I can’t imagine that a credit card data breach wasn’t also considered at the same time.”
This article originally appeared at pcpro.co.uk
Copyright © Alphr, Dennis Publishing
Issue: 345 | December 2015