The UK Information Commissioner’s Office has announced that Sony will have to pay up £250,000 (about $395,000) for the April 2011 PSN hack.

The ICO found that Sony had been in serious breach of the Data Protection Act, and that if the company had been properly up-to-date then the breach would not have occurred.

David Smith, Deputy Commissioner and Director of Data Protection, put it this way:

If you are responsible for so many payment card details and log-in details then keeping that personal data secure has to be your priority. In this case that just didn’t happen, and when the database was targeted – albeit in a determined criminal attack – the security measures in place were simply not good enough.

The hack exposed names, addresses, e-mails, dates of birth, and passwords of some 77 million PSN users- this also put credit cards at risk and meant Sony had to shut down the network for three weeks.

“SCE disagrees with the ruling and is planning an appeal,” said Satoshi Fukuoka, an SCE spokesman, to IT World.

Via Ars Technica

Photo credit: Ian Muttoo