A companies servers is a companies problem, that's all there is to it. No one forced Sony to store sensitive customer information, but they chose to -- and they also chose to neglect the security ramifications around it.
Imagine your bank decided to store your money in an unprotected vault, no security, and then it goes missing one day. Yes, a criminal stole it, but it was only possible because the bank deceived the customers into thinking their money was secure. As far as I'm concerned, there's two criminals in this equation.
Imagine your bank decided to store your money in an unprotected vault, no security, and then it goes missing one day. Yes, a criminal stole it, but it was only possible because the bank deceived the customers into thinking their money was secure. As far as I'm concerned, there's two criminals in this equation.