The Economics of Sony PlayStation Network & Qriocity Identity-Hacks

Sony CEO Howard Stringer, The economics of Sony’s PlayStation Network & Qriocity Identity Hack

Sony CEO Howard Stringer, The economics of Sony’s PlayStation Network & Qriocity Identity Hack

Sony Corp., Japan’s largest consumer-electronics exporter, has been witnessing very troubled times in the recent past – first the impact of Japan’s earthquake and tsunami on their business, followed by the cyber-attack on the PlayStation Network and Qriocity systems two weeks ago, and the outage of services since the scale of the cyber-crime was realized by the company.

Sony’s stock fell by 4.5% to 2,211 yen, the lowest since March 15th, this earlier low a result of the overall Japan market fall because of the earthquake and tsunami.

In an open letter posted on the PlayStation Blog, Howard Stringer, President and CEO of Sony Corp., has apologized for the frustration brought on by the cyber-attack and related down-time to all PlayStation and Qriocity users, and has assured users that Sony is moving ahead with plans to help protect PSN customers from identity theft around the world with a $1 million identity theft insurance policy per user being launched soon.

Identity-theft

What first appeared to be a persistent network outage, denying users access to Sony’s PlayStation Network, turned out to be way more than just an outage, and way worse, when Sony announced the security breach a couple of days after the continuing outage.

Sony Corp. was attacked by computer hackers between April 16 and April 19, but it was a couple of days before Sony made an announcement saying that the hackers had done off with personal data of 77 million PSN and Qriocity customers. This data included customer names, addresses, e-mail addresses, gender, birth dates, phone numbers, log-in names, and hashed passwords.

More bad news came by soon after, with the company announcing that the same breach had also compromised Sony Online Entertainment customers, with the number of hacked accounts having now been increased by the company to 101.6 million.

And while the company has repeatedly been saying that they have no evidence of their main credit card database having been breached, Sony did release a statement saying that an “outdated” database from 2007, consisting of credit and debit card numbers and expiration dates (but not credit card security codes) for about 12,700 non-U.S. customers, along with about 10,700 direct debit records listing bank account numbers of customers in Germany, Austria, the Netherlands, and Spain may have been stolen as part of the attack.

So, in addition to the company facing the wrath of millions of PSN, Qriocity and Sony Online Entertainment users, the few days Sony took to make this data-breach information public has also caused U.S Government official to unleash their rage at the Japanese electronics giant for not informing users sooner about the identity thefts that had taken place.

Reports say that Sony has been subpoenaed by New York in relation to these database breaches of its PlayStation Network.

Welcome Back

As part of the assurance provided by Sony, Stringer’s letter posted on the PlayStation Blog announces a “Welcome Back” package to all PlayStation and Qriocity customers as soon as services for these two systems are back up.

Among other benefits, this package will include a month of free PlayStation Plus membership for all PSN customers, along with an extension of subscriptions for PlayStation Plus and Music Unlimited customers to make up for time lost.

Sony is also offering its PlayStation Network and Qriocity users a year of free identity-theft monitoring.

According to a blog post by Patrick Seybold, a spokesman for the Tokyo-based company’s video-games unit, Sony is in the final stages of testing the PS Network before restarting it.

How much did the breach cost Sony?

Millions of frustrated users, feeling vulnerable with the theft of information regarding their identity, but how much is this data breach likely to have cost Sony?

Market estimates currently oscillate between $20 million in lost revenues over a couple of weeks to $32 billion in terms of total costs involved in dealing with the consequences of losing control of customer data.

With annual revenue of Sony from PlayStation Network sales of downloadable games, movies, music etc being estimated at about $500 million, the two week outage would amount at around $20 million in terms of revenue over the two weeks. Add to this a 30% profit margin, i.e., this amounts to the loss of another $6 million in profit.

The Welcome Back package announced by Sony offers free membership credits etc., to compensate users for downtime, but does not really take into account financial compensations the company would need to make for personal data breaches, if Sony offered this to their customers.

Forbes has cited a study carried out by the Ponemon Institute, a data-security research firm, which estimates the per person cost for a data breach at $318. With over a 100 million users across all three services affected by the cyber-attack, personal compensation for all users whose personal data has been breached would mean almost another $32 billion.

And while Sony is unlikely to offer personal compensation, these numbers are a strong reminder of how dearly data breaches can cost a company.

image courtesy msnbc.msn.com

Protected by Copyscape Original Content Checker

Filed Under: FeaturedHi Tech NewsManufacturing Company ReportsNEWS

Tags:

RSSComments (14)

Leave a Reply | Trackback URL

  1. craige says:

    Do you have a date to say when the network will be back on?

  2. craige says:

    so its back on then yeah?

  3. shard says:

    What’s astonishing is the fact that Sony are getting lambasted for this breach, while no-one AT ALL is talking about the hackers themselves, or the wider effects of cyber crime in the world we live in. Sony unfortunately always manage to make themselves an easy target, but in this case, surely it’s indicative of a deeper problem with the cyber society of today?

  4. Dean Meehan says:

    Hate to say, but wish i switched to xbox, but it could of happened to either of these

  5. Dominorix says:

    it did actually happen to xbox live a few years ago, so it can really happen to either.

  6. Darren Fagan says:

    hurry up sony or im movin to xbox

  7. danny says:

    will accounts be lost? eg. has the hackers taken psn accounts permanently?

  8. bored28 says:

    when it will come back?

  9. J Roc says:

    S**** XBOX. Playstation is still better!

  10. Odizzle says:

    Hurry up PS Finals are over and I’m getting bored! I hate thieves go get a job all those computer skills and talent and yet your a petty thief don’t deserve the title of hacker what losers!

  11. Sony says:

    We are very sorry and would like to announce that the PlayStation Network will be back up on May 9th

    Sincerely,
    Sony

  12. [...] Sony apologized to all its online PlayStation and Qriocity users for the frustration brought on by the cyber-attack, and declared plans of helping protect its online gaming customers from identity theft with a $1 million identity theft insurance policy per user. [...]

  13. [...] example, the cost of the cyber attack on Sony’s PlayStation Network over April-May has been estimated by the Japanese electronics leader at around $171 million. This [...]

  14. [...] Xbox 360 that launched in November 2005, and the PlayStation 3 that launched in November 2006, were both cutting-edge systems at their release. Their potential [...]

Leave a Reply

You must be logged in to post a comment.