House members grill Sony on data breach

The leaders of a key House subcommittee wrote to Sony on Friday to question the company on a major data breach that may have compromised personal data for 77 million users. 

The breach of the PlayStation Network has set off a torrent of concern over online data security, shaking Internet users well beyond the gaming community and raising questions about safety protocols across all of e-commerce.

Rep. Mary Bono Mack (R-Calif.), chair of the Energy and Commerce Trade subcommittee, and ranking member Rep. G.K. Butterfield (D-N.C.), wrote to the company with a 13 questions about the incident.

They said it would help inform the subcommittee's work on data protection. Bono Mack is preparing data protection legislation and will hold a hearing next week on the Sony breach.

The lawmakers were particularly concerned about how long it took Sony to inform customers. They note that the breach occurred between April 17 and 19.

"A public acknowledgement of the breach was not made until April 26," they wrote. "When did you become aware of the illegal and unauthorized intrusion? ... Why did you wait to notify your customers of the breach?"

They also asked why Sony can't rule out the possibility that credit card numbers were obtained. "Please explain…why you cannot determine if the data was in fact taken," the lawmakers said. 

They wanted to know what Sony will do to enhance security, what its data protection policies are, and what it will do to mitigate the effects of the breach. They raised the possibility that Sony could offer credit monitoring, a service allowing individuals to access their credit histories so they could see if their bank accounts are misused. 

It's still unknown who hacked the PlayStation Network.