Congress Tackles Data Theft
House holds hearing on recent cyber-security breaches.
Critics continue to hammer Sony for its lack of internet security after hackers gained access to personal information of over 100-million consumers.
Now there's evidence Sony knew its website was vulnerable.
The U.S. Justice Department has launched an investigation into the data breach, which Sony now says it sat on for days before reporting it to authorities.
A meeting with FBI agents didn't occur until five days after the hacking episode was uncovered.
Sony made those admissions in a letter to a Congressional committee that held hearings on the hacking.
Sony executives refused to attend.
Sony's absence meant it couldn't counter a claim by data breach expert and Purdue Professor Gene Spafford that internet safety experts had warned sony months before the hacking that its security software was outdated.
"They were running on very old versions of patchy software that were unpatched and had no Firewall installed," Spafford told the committee.
Sony's data breach also came up when Attorney General Eric Holder told a Senate Committee the Justice Department will investigate although, he thinks the damage has already been done.
"The focus has to be on prevention. That is the way you offer maximum protection to consumers," said Holder.
Sony didn't tell its customers about the massive data breach targeting its popular Playstation gaming network until last week, but in the letter to Congress said it's "the victim of a very carefully planned, very professional, highly sophisticated criminal cyber attack".
The company says it has shut down the affected systems while it investigates the attacks and beefs up security.