A U.S. House of Representatives subcommittee is demanding answers from Sony after private information from some 102 million personal accounts was taken by hackers.
In a letter written by the Congressional Subcommittee on Commerce, Manufacturing and Trade and addressed to Sony chairman Kazuo Hirai, representatives asked the company to answer a list of 13 questions related to the hacking of Sony's PlayStation Network.
The questions come as lawyers in Canada have announced they're seeking a $1 billion class action lawsuit against the company which has recently revealed not one, but two massive hacking breaches that left personal information from 102 million gaming accounts available to hackers.
On Monday, Sony revealed that its Sony Online Entertainment PC gaming service had been hacked ... this after revealing last week that the PlayStation Network service had been breached.
The SOE breach exposed the information from 24.6 million personal accounts as well as some credit card information from gamers who play the service's online PC games such as "EverQuest," "DC Universe Online" and "Free Realms." The PlayStation Network, on the other hand, allows PlayStation 3 owners to game online and that breach exposed personal information from 77 million private accounts.
The Congressional committee has demanded answers about the PlayStation Network breach only perhaps because news of the Sony Online Entertainment breach wasn't released until Monday afternoon. Among the questions they asked:
- "Why did you wait to notify your customers of the breach?
- "Have you identified how the breach occurred?"
- Have you identified the individual(s) responsible for the breach?
- "How many PlayStation Network account holders provided credit card information to Sony Computer Entertainment?"
(To read their entire letter, see the New York Times post here.)
The Committee's letter demanded a reply from Sony by Friday, May 6, and explained that it had scheduled a hearing this Wednesday "regarding the threat of data theft to American consumers." It invited Sony to attend and testify.
Too busy to appear
Sony, however, will not be attending tomorrow's hearing.
"Sony declined to testify because their internal investigation is still ongoing," an official working for Representative Mary Bono Mack (R-California), told game blog Kotaku Tuesday morning.
But Sony has insisted it is cooperating with Congress. Sony of America spokesman Patrick Seybold sent a statement to Kotaku explaining:
"Sony is cooperating with the request for answers to the Committee's questions, and in fact will be providing our responses in advance of the deadline. We informed the committee that we could not appear as early as this Wednesday because of our ongoing intensive investigation and management of this criminal cyberattack."
In response to Sony's decision not to attend the hearing, the committee has now moved the deadline for Sony to respond to questions to today, May 3, the New York Times reports.
Congress joins the attorney generals from more than 20 states who have already demanded answers from Sony. And the FBI's cybecrimes unit has confirmed they are looking into the breach as well.
Meanwhile, as we reported this morning, Sony CEO Howard Stringer is under fire for his company's handling of customers' personal information and the hacking breaches, with some investors suggesting that he should step down.
Anger and lawsuits
But no doubt, the most heat is coming from gamers themselves.
The Toronto law firm McPhadden Samac Tuovi says it has filed a proposed class action against Sony "for the breach of privacy." The lawsuit claims damages in excess of $1 billion, which includes having Sony pay the costs of credit monitoring services and fraud insurance coverage for two years.
The plaintiff in the action is 21-year-old avid PlayStation user Natasha Maksimovic.
"If you can’t trust a huge multi-national corporation like Sony to protect your private information, who can you trust," Maksimovic said in a press release. "It appears to me that Sony focuses more on protecting its games than its PlayStation users."
This lawsuit follows a lawsuit that's already been filed in U.S. District Court accusing Sony of "negligence in data security."
Meanwhile, as news of the second breach spread on Tuesday, many gamers responded with anger if not legal action.
"Frankly, during most of the time I've been a SOE customer, I've tried hard to ignore the feeling of constantly being treated like dirt..." wrote one gamer going by the name Faelan at online gaming site MMORPG.com. "I think I've given them more chances than they deserve and each time I've ended up feeling like the fool. No more I say. Goodbye SOE."
"Sony is just another company that doesn't care about its customers or its employees ... and I think that's why they were a target of the hackers," wrote a gamer going by the name TheWillows on an "EverQuest" fan site.
But some Sony fans have responded with understanding and have said they will return to the company's online gaming services when the servers finally go back online.
Wrote one "EverQuest" fan going by the name Kaifin, "I for one hope they recover because I have been happy with their products in the past. They were one of the big companies and got arrogant thinking it couldn't happen to them and because of it they got screwed. Now they will be more careful in the future provided they survive this ordeal."
For more on this topic, please see:
- Sony Online Entertainment hacked, some credit card info taken
- Sony sued, could bleed billions following PlayStation Network hack
- Games to play while PlayStation's network is down
- How will Sony make amends to gamers?
- Former PlayStation hacker blames Sony arrogance for breach