Sony has been fined £250,000 by the UK Information Commissioner's Office for the PlayStation Network hack in 2011. The office ruled that Sony should have been able to prevent the hack and that Sony should not have left such sensitive information so vulnerable.
"If you are responsible for so many payment card details and log-in details then keeping that personal data secure has to be your priority," said Information Commissioner's Office director of data protection David Smith.
"In this case that just didn't happen, and when the database was targeted - albeit in a determined criminal attack - the security measures in place were simply not good enough. There's no disguising that this is a business that should have known better."