Sony has dropped its appeal of a £250,000 fine over the 2011 PlayStation Network security breach, saying that continuing the fight would require it to expose “sensitive security data.”
The PlayStation Network suffered a rather catastrophic security breach back in 2011, as you may recall, which landed it in all sorts of hot water. Among those miffed by Sony’s failure to maintain the security of its users’ personal information is the Information Commissioner’s Office in the U.K., which slapped the company with a fine of £250,000 ($377,000) in January.
Sony appealed the fine, naturally, but has now decided to drop the matter, saying that while it still disagrees with the outcome, it cannot continue to challenge the decision without revealing confidential PSN security information. “This decision reflects our commitment to protect the confidentiality of our network security from disclosures in the course of the proceeding,” a Sony rep said. “We continue to disagree with the decision on the merits.”
When it handed out the fine, the Information Commissioner’s Office acknowledged that Sony had been targeted by a “determined criminal attack” but nonetheless declared that “the security measures in place were simply not good enough,” adding, “If you are responsible for so many payment card details and log-in details then keeping that personal data secure has to be your priority.” Following Sony’s decision, the ICO said in a statement that it “welcomed” the outcome.