Tuesday, December 23, 2014

Top congressional Democrat asks Sony for hack details

A logo is pictured outside Sony Pictures Studios in Culver City, California December 19, 2014. REUTERS/Mario Anzuoni



A logo is pictured outside Sony Pictures Studios in Culver City, California December 19, 2014.


Credit: /Mario Anzuoni






- The top Democrat on the powerful U.S. House Oversight and Government Reform Committee has asked Sony Pictures Entertainment to hand over details of what he describes as the "devastating cyberattack" recently suffered by the Hollywood studio.

In a letter sent to Sony on Tuesday, Elijah Cummings, the committee's ranking minority member, said that Sony's "knowledge, information and experience" would help Congress as it examines federal cybersecurity laws and considers whether they need to be tightened to protect government and consumer data.


Cummings asked Sony to turn over information including detailed descriptions of all data breaches the company has suffered over the past year; the rough number of current and former employees and customers affected by the breaches; and the manner in which victims were notified.


He also asked for the findings of any forensic investigations or analyses conducted into the breaches, as well as assessments as to "why the breaches went undetected for the length of time they did."


In the letter, Cummings also asks Sony for a description of any improvements to data protection mechanisms it has implemented since the breach, a description of the procedures that govern the company's relationships with third-party vendors and service providers, and any recommendations Sony might wish to offer regarding improvements in cybersecurity laws or law enforcement.


Cummings also requests a briefing by Jan. 19 from Sony's chief information security officer or similar top IT executive.


Cummings cited reports indicating that in addition to deploying destructive malware, the hackers who attacked Sony stole "vast quantities" of sensitive information, including unreleased films and the personal information of more than 47,000 current and former employees, including social security numbers and healthcare records.


The FBI has said the cyberattackers on Sony were connected to the government of North Korea.


No comments:

Post a Comment

Subscribe to: Post Comments (Atom)