The Sony part is on first, though later in the programme others have called in with their experiences.
Sony's response is pathetic, I'm afraid. The website they recommend people to visit - https://www.getsafeonline.org/ - does not really relate to much on this website. People have had accounts stolen who have followed everything recommended, including unique passwords and email addresses. And let's not forget the issue is more about Sony refusing refunds even when content has not been used, or has been blocked on the fraudster's machine.
Amusingly, a page on that website - https://www.getsafeonline.org/business-news/sony-hack-highlights-major-shortcomings/ - looks at the Sony Pictures hack and recommends things that should be changed due to poor quality security:
- Ensure all sensitive data is encrypted.
- Do not store passwords in the same place as password-protected documents.
- Use two-factor authentication.
- Keep sensitive personal data separate from other data.
- Carry out regular external security checks.
So, hypocrisy from Sony? You've not seen the last of it yet ...