Beth Jones, a Senior Threat Researcher at Sophos Labs, says that the recent breach of Sony's PlayStation Network may have ripple effects on regulatory control of American consumers' personal information.
The PlayStation Network was hacked last week, and Sony had to admit that users' personal details, such as email addresses, passwords and phone numbers, may have been taken. The haul of data was huge — 77 million people use the PSN.
Credit data is governed by the Payment Card Industry Data Security Standard, established in 2006. Under the standard, companies that process credit card data are must comply with a set of requirements meant to prevent data theft and fraud. "I'm wondering if the regulatory authorities will extend PCS compliancy to other information," Jones said.