Sony used outdated software on its PlayStation Network servers, according to the testimony of a security expert sitting before a congressional subcommittee.
As reported by The Consumerist, Dr. Gene Spafford, computer science professor at Purdue University, testified that Sony used versions of the open source Apache Web server software that went "unpatched and had no firewall installed."
In recent weeks Sony's seen its PlayStation Network, Qriocity and Sony Online Entertainment services compromised, leading to the exposure of more than 100 million user accounts. Some credit card accounts have been taken along the way.
Sony declined to participate in the subcommittee hearing. Instead, Sony Computer Entertainment America chairman Kazuo Hirai sent a letter outlining the company's efforts and implicated someone associated with the the "hacktivist" collective known as Anonymous as the possible culprit.
- Sony implicates ‘Anonymous’ in PlayStation Network attack
- Sony security hole exposes another 24.6 million accounts
- A look at what Sony’s doing to fix the PlayStation Network mess
- Hey Sony: Give gamers straight answers if you want our business
- Sony encrypted credit card data, but not user account info
- PSN debacle illustrates stark differences between Apple and Sony
- Sony’s PlayStation Network data breach: Game networks an irresistible hacker honey pot
- Sony confirms PlayStation Network hack exposed user info
- PlayStation Network intrusion hackers grabbed customer details