Managing Cyber Risks

Sony Cyber Attack and the Privacy Act

Sony’s cyber-attack investigated by the Australian Privacy Commissioner

On 19 April 2011, Sony became aware that hackers had gained access to their Network Platform which held personal information of approximately 77 million customers world-wide. These included contact and credit card details.  The Australian Privacy Commissioner commenced an investigation into whether Sony complied with National Privacy Principles 2.1 and 4.1 under the Privacy Act amongst concerns that Australians' personal information may have been compromised in the cyber-attack,

The Commissioner found that Sony did not breach National Privacy Principle 2.1 which only allows disclosure of personal information for the purpose it was collected, as the release of information was not intended by Sony, but rather the result of a 'sophisticated security cyber-attack' against Sony's Network Platform.

The Commissioner also found that Sony had acted in accordance with the National Privacy Principle 4.1 in taking reasonable steps to protect its customers' personal information from misuse and loss and from unauthorised access, modification or disclosure.

The Commissioner noted that Sony:

  • had physical, network and communication security measures in place, including the encryption of credit card information;
  • temporarily shut down the Network Platform servers and services after the security breach;
  • subsequently advised consumers about the incident via the PlayStation website, the media and by email; and
  • has since implemented various new security measures such as appointing a Chief Information Security Officer.

However, the Commissioner did express concerns that Sony allowed 7 days to go by before notifying its customers, and strongly recommended that Sony review how it applies the OAIC's Guide to handling personal information security breaches in light of the high risk Sony's customers were exposed to after the cyber-attack.


Latest News

High Court dismisses Business Interruption Test Case

Today the High Court dismissed appeal by Insurers on the Business Interruption test case. Even the big insurers make silly mistakes! But you the policy holder may benefit if you were one of the 40% of Business Pack policy holders that added Business Interruption cover to their Business Pack. While it was never the intent of insurers to cover policyholders for the loss of income from a pandemic, the fact that insurers never factored in a risk premium for it, and the fact there is supposed to be a material or physical loss to trigger the Business Interruption section, none of that matters according to the highest Court in the land. So what was the mistake? Simply that when insurers defined what they considered to be the definition of an infectious disease, they referred to the Quarantine Act of 1908 which since was superseded by the Biodiversity Act of 2015. Because the Quarantine Act of 1908 no longer exists, apparently you cannot draw on this for a definition of an infectious disease? Not one of the insurers picked up on this! Shows how much interest we take on the business of Governments, except what is reported in the media.

read more

Three Years running - Insurance Brokerage of the Year 1 to 5 staff

Mandy and Robert Cooper were extremely honoured and astounded to once again win, Insurance Brokerage of the Year for 2020 from Insurance Business Australia magazine. This is the third year running.

While this year has not been the easiest of years for the business with Covid 19, the Recession, the hard market and issues at Lloyds of London, we are literally all in this together as an Insurance Industry.

CPR Insurance Services continues to make our clients the number one focus of our business while managing our relationships with Insurers, who we need more than ever in this market climate.

CPR Insurance Services are a highly ethical Brokerage with a reputation as a trusted advisor who always acts in the Client's best interests. Their experience, knowledge and expertise is amongst the highest in the industry.

CPR Insurance Services is now ten years old as a business and is proud of being an Authorised Representative of Ausure and their partnership with Steadfast, giving CPR the strength and backing to match it with any Broking firm in the Insurance Industry, but remain focussed on supporting the Small to Medium business segment.

Memberships of the National Insurance Brokers Association, Australia and New Zealand Institute of Insurance and Finance, Australian Insurance Law Association, Australian Professional Indemnity Group and the Australian Institute of Company Directors, ensures CPR Insurance Services maintains the high standard of knowledge and expertise required to be one of the best Brokerages in Australia.

CPR Insurance Services also plays a strong role in their local community supporting other Sporting Clubs and Community organisations. They also support and promote local businesses with their operation of the Kedron Brook Business Group who meet regularly and has 174 members.

We are truly honoured to receive this National award once again for the third year as a recognition of CPR Insurance Services contribution.

read more