“there is no evidence that encrypted payment card details were accessed,” and that “personal data is unlikely to have been used for fraudulent purposes”
The fact that the perpetrators had gained access to sensitive information that belonged to millions of people that trusted sonys "secure" online services/system is unacceptable regardless of whether they used that info for fraudulent purposes or not and regardless of whether sony cant find evidence that they did so.
“The reliability of our network services and the security of our consumers’ information are of the utmost importance to us"
Then why did the investigation that took place by ICO conclude that the attack could have been prevented if there systems were up to date?
Sony needs to get off their goodie two shoes high horse and admit that they were at fault.