Sony Faces More Questions From U.S. Lawmakers About Data Breach

Sony's Hirai
Kazuo Hirai, president and chief executive officer of Sony Computer Entertainment Inc. and executive vice president of Sony Corp., pauses during a news conference in Tokyo on May 1, 2011. Sony Corp. faces questions from U.S. lawmakers over the hacking attack that may have stolen personal data from 77 million users. Photographer: Tomohiro Ohsumi/Bloomberg

U.S. lawmakers yesterday asked Sony Corp. for more information about an attack that exposed more than 100 million customer accounts to hackers, an event its chief executive officer described as a ‘hiccup.’

Representatives Mary Bono Mack, a California Republican, and G.K. Butterfield, a North Carolina Democrat, sent a letter to Sony requesting details on what customer information may have been stolen and whether the company’s investigation has determined how the breach occurred.

The letter, addressed to Kazuo Hirai, Sony’s executive deputy president in charge of consumer products and network services, requests a response by May 25.

Sony declined to appear at a May 4 hearing on data theft chaired by Bono Mack and instead sent an eight-page letter responding to lawmakers’ questions about the attack that crippled the company’s PlayStation gaming network. Bono Mack plans to hold a follow-up hearing and introduce legislation on data security, her spokesman Ken Johnson said in an e-mail.

“Clearly, there are still a lot of unanswered questions,” Johnson said. “As we begin drafting our data security legislation, we are hopeful that the Sony experience can be instructive.”

The hacker attack, which forced Sony to shut down its online movie, music and games services, is a “hiccup” in the company’s online strategy, Chairman and Chief Executive Officer Howard Stringer said in an interview yesterday.

Three-Week Outage

Stringer said the Tokyo-based company is working to determine whether other computer systems were infiltrated. Sony resumed partial operation of the entertainment services this week after a three-week outage.

The Sony intrusion has sharpened U.S. government scrutiny of how companies notify the public about attacks from hackers and malicious software.

The Obama administration on May 12 released a proposal for shielding banks, power grids and government computers. The plan calls for uniform laws on reporting breaches and requiring owners of critical systems to develop network security plans.

Before it's here, it's on the Bloomberg Terminal. LEARN MORE