Just a week after Sony announced that personal data belonging to 77 million Playstation users had been stolen by hackers, it has announced that a further 25 million gamers have been affected.

The Sony Online Entertainment system enables gamers to play multi-player games with both friends and strangers over the internet.

In order to set up an online account and to take advantage of the services available, gamers are required to disclose various pieces of personal information, including their names, addresses, email addresses, birth dates, phone numbers and sometimes credit card information – all of which may have been stolen from Sony’s databases.

Whilst this is being investigated and it is not clear where fault lies (if at all), this incident is an example of the impact that a large scale data loss can have for any business. Since the breach was announced, Sony’s share prices have dropped by 4%, the Playstation network and Sony Online Entertainment system have been taken off-line (to the annoyance of many users) and the media attention this has attracted, could have caused significant reputational damage.

Playstation users could also suffer as a result of their personal data making its way into the hands of hackers regardless of how access was obtained.

If your organisation collects and processes personal data belonging to your customers (or indeed stores confidential information generally), now is a good time to take stock of what measures you have in place in order to protect it and, if necessary, to improve your security measures and practices to try and avoid a breach taking place, particularly given the fact that the Information Commissioner now has the power to impose fines of up to £500,000 for serious breaches of the Data Protection Act 1998.

For more information on managing these risks, please see our recent article ‘Confidential Information: Managing the risks‘.

Related Posts

1. Confidential Information: Managing the risks

.