PlayStation Network security breach will cost Sony much more than money
The computer security breach in Sony Corp.'s online PlayStation Network and Qriocity music service last week struck a serious, though not fatal, blow to Chief Executive Howard Stringer’s ambitions for a world of connected entertainment in which consumers can access and buy all manner of content through Sony devices, according to entertainment and security analysts.
The attack, which exposed the personal information and possibly credit card data of 77 million customer accounts, was disclosed Tuesday, more than a week after the computer systems were breached.
Sony’s admission triggered an immediate backlash, with consumers filing at least two lawsuits against the company and lawmakers condemning it for failing to notify customers sooner.
“Hackers and thieves shouldn’t be playing ‘Grand Theft Auto’ with millions of addresses, emails and other sensitive information,” Rep. Edward Markey (D-Mass.) said in a statement Wednesday, echoing the condemnation issued Tuesday by Sen. Richard Blumenthal (D-Conn.).
The hue and cry will no doubt cost Sony tens of millions of dollars in the short term, analysts estimate.
In addition to losing an estimated revenue stream of about $10 million a week, Sony will probably have to reimburse customers who pay for its premium service, rebuild its computer systems and beef up security measures, said Michael Pachter, an analyst with Wedbush Securities who said the incident could cost the company $50 million.
That doesn’t take into account the cost of defending against lawsuits, including two filed in California that are seeking federal class-action status.
“Even if everyone loses just $1, that’s $70 million,” said Mark Rasch, director of cybersecurity and privacy at CSC, a computer networking and security firm in Falls Church, Va. Rasch, a former federal prosecutor who prosecuted Kevin Mitnick, a once notorious computer hacker, added, “If it’s $2, you’re looking at $140 million. Even lawyers can do that kind of math.”
But the greater damage to Sony may be to its reputation as a trustworthy provider of online entertainment, where the company has staked its future.
“For Sony, this was what they based an entire new half of the company on,” said Richard Doherty, an analyst with the Envisioneering Group, referring to Sony’s recent reorganization to place more emphasis on a relatively new business group called Networked Products and Services, which includes its PlayStation games business. “PlayStation Network was made out to be a pillar of success. This is creating new doubt.”
When Stringer became Sony CEO nearly six years ago, he made it a priority to build devices that can connect to the Internet. Using its PlayStation division as a model, Sony’s Blu-ray disc players, televisions and even alarm clocks can now access information online. The PlayStation 3, for example, lets users rent movies, streaming TV shows and listen to digital music, as well as play online games.
The company had been working to unify its users’ accounts across Sony’s products and services, but last week’s attack has likely thrown a monkey wrench in those plans.
Cameron Wilson, a 20-year-old student from London, Ontario, who used PlayStation Network to buy games and watch movies, said, “I doubt I will ever put my credit card information on their network again.”
The view from Sacramento
Sign up for the California Politics newsletter to get exclusive analysis from our reporters.
You may occasionally receive promotional content from the Los Angeles Times.