Sony has been fined £250,000 (almost $400,000) by UK authorities following the conclusion of a report into data losses incurred when its PlayStation Network was hacked in 2011, according to The Next Web.

The Information Commissioner’s Office (ICO) has levied the fine for “a serious breach of the Data Protection Act”; it is calling the case “one of the most serious” it has ever dealt with.

Investigators have been critical of Sony’s lack of security, and the announcement says that the issue could have been prevented if its software had been up to date. It is also claimed that “technical developments” left many user passwords unsecured.

A statement issued today from David Smith, the Deputy Commissioner and Director of Data Protection, said that Sony’s protection systems were not up to the required standard and that the Japanese firm “should have known better”.

The hacking — which took place in April 2011 – compromised the personal details of 70 million users of the PlayStation Network and Sony’s Qriocity streaming service. The intruders were thought to have gained access to personal details, such as names, addresses, dates of birth and more. Credit card details were said to also be ‘at risk’, though Sony claimed soon after the incident that it had encrypted all financial data.