Sony Pictures tonight confirmed that some of its Web sites were breached yesterday.
In a joint statement, Sony Pictures Chairman and CEO Michael Lynton and Co-chairman Amy Pascal said the company has contacted the FBI in an attempt to find out who was behind the cyberattack.
Yesterday a group of hackers calling themselves Lulzsec brashly taunted Sony on Twitter saying it would "embarrass" the company by posting data stolen from the company's servers. Several hours later the group posted online 150,000 people's passwords, names, email addresses, addresses and phone numbers from SonyPictures.com and Sony BMG's Web sites in Belgium and the Netherlands. The group claims there was little complexity involved in overcoming the servers' security.
"The cybercrime wave that has affected Sony companies and a number of government agencies, businesses and individuals in recent months has hit Sony Pictures as well," the Sony statement reads.
In addition to working with federal authorities, Sony Pictures has also hired its own "experts" to conduct a forensic investigation into the breach, according to Lynton and Pascal.
"We deeply regret and apologize for any inconvenience caused to consumers by this cybercrime," they wrote.
Executives from Sony and Epsilon, speaking Thursday before a House Commerce Manufacturing and Trade subcommittee, endorsed the idea of a federal law regulating data breaches.
In an opening statement, Rep. Mary Bono Mack (R-Calif.), who chairs the subcommittee, said that while she did not entirely approve of the way the companies had handled data breaches affecting their networks, she wanted to move forward and outline the best way to protect online consumers.
Jeanette Fitzgerald, the general counsel for Epsilon, endorsed national legislation and said that the patchwork of state laws regulating data breaches made it difficult for companies to respond to attacks. Epsilon, a marketing company, was hit with a cyberattack in late March that leaked the e-mail addresses and names of millions of consumers.
A single law, she said, “would make it much easier and less costly for business to ensure any applicable notification requirements are met.”
Sony’s Tim Schaaf, president of Sony Network Entertainment International, said the company supports standard legislation that would require companies to provide timely, accurate information on breaches, provide customers with resources to combat the effects of an attack.
Other Business News:
Sony vgp-bps2c battery
Dell inspiron 1720 battery
Dell inspiron 1520 batteries
Schaaf was also called upon to defend some of Sony’s practices following its network intrustion.
Bono Mack repeated her criticism of the way Sony informed its users of a breach that revealed the personal and financial information of 77 million customers — through its blog.
“Sony put the burden on consumers to search for information instead of providing it to them directly,” she said, adding that such a practice is unacceptable.
Schaaf said that the company’s blog is very popular and a useful way for the company to communicate with its customers quickly and efficiently. He added that Sony later e-mailed customers affected by the attack.
He also defended Sony’s decision to delay informing customers of the breach until the company fully understood the implications of the attack. The company’s servers were breached on April 19 and Sony first notified customers that sensitive data was taken on the 26th.
Bono Mack said she will introduce legislation that will require companies to establish and maintain security policies, give special protection to sensitive information such as credit cards and promptly notify consumers when data has been breached.
CloudTags: Sony, Twitter, saying, embarrass, company, Dell latitude d820 battery, Sony vgp-bps2a battery
没有评论:
发表评论