It has emerged that part of Sony's PSN terms and conditions claim that the company is not liable for any loss of user data.
"We exclude all liability for loss of data or unauthorised access to your data, Sony Online Network account or Sony Online Network wallet and for damage caused to your software or hardware as a result of using or accessing Sony Online Network," the terms state.
However, speaking to Edge, the Information Commissioners Office (ICO) claims that Sony is accountable to stipulations outlined in the UK Data Protection Act which says that companies are obligated to keep users' details secure.
"While we are unable to say where the data is being stored at present, if it was in the UK, this clause would not free them from their obligations under the UK Data Protection Act," ICO stated.
"If we found a breach, one of the actions we could take would be to issue an undertaking, which is an agreement between the ICO and the company that if they are handling personal information they have to bring about set improvements in order for them to be compliant with the act.
"If the company is not compliant with the act within a certain time limit, further action would be taken and we might consider an enforcement notice or issue a monetary penalty.
"For serious breaches of the act, we can issue a monetary penalty up to £500,000."