Plugged In

Sony’s hacker woes: Is the company doomed?

Bumper Jack

View photo



Even the unfortunate people whose personal information was stolen in the great PlayStation data heist of 2011 have to feel a little bad
for Sony these days - or maybe some Schadenfreude.

Between the initial hack -- in which 77 million accounts were compromised -- the continued disruption of the PlayStation Network and the
subsequent discovery that another 25 million accounts had been hacked, the once
proud tech giant has been brought to its knees. Can it rise again?

It's likely. A good barometer of how recoverable a disaster might be is the company's stock. And, so far, Sony shares have only fallen 6 percent or so since this whole nightmare began.

That's not much -- and that's good news.

The truth is, data breaches, even big ones like this, aren't entirely uncommon in today's world. And they're going to happen more in the years to come. And while it's frustrating and even a little frightening for consumers, people generally focus their anger on the hacker rather than the company that was hacked -- unless evidence emerges that the company cut corners on its security systems.

"Sony, by saying nothing for a week or so, created the appearance that they were cavalier," says Michael Pachter, an analysts with Wedbush Securities. "I don't believe that was so. ... It's sort of like some people who drive the speed limit with both hands on the wheel still get in accidents."

To Pachter, where the company really messed up was in how it communicated with its customers.

"The reason people were fearful is that most of Sony's [PlayStation] customers have no idea what credit card fraud is -- or identity theft -- and assume the worst," says Pachter. "It's like hearing there's a fire a block from your house. You don't know if it's a trash can fire or a house burning down, so you assume the worst. Sony could have done a lot more to educate their customer about the extent of the breach and the impact."

Bad communication is frustrating, but not fatal. And make no mistake: the communication here has been a seriously lacking. Since April 20, it has been one disaster after another for the company, mostly in its public handling of the situation.

First, the company took its PlayStation Network offline without any explanation, baffling gamers and putting online conspiracy theorists on edge. When it finally did address the issue, it failed to offer any explanation as to why the network was down and said it would only be that way for a few days.

Then came the acknowledgement that it had been hacked -- a frightening word to consumers, but the severity of the data intrusion was even worse than most people had been theorizing. Most frustrating was the comment that Sony really wasn't sure if user credit card information had been taken.

On Sunday the (long overdue) formal apology came from the company, along with some sketchy details on how it planned to make things right. And while executive deputy president Kazuo Hirai was quite sincere in his spoken apology, the company neglected to include that apology to users in the press release it sent out afterward.

The next day, Sony Online Entertainment announced its own security breach -- one week after it had assured customers that their data was safe because "SOE's systems and databases are separate from PSN's." While insisting this was not a second attack, SOE did note that they actually *had* been breached a couple days before the PlayStation Network.


At this point, Sony is frantically working to rebuild the
network and will offer users plenty of freebies as a make good - including a
free month of PlayStation Plus and Music Unlimited by Qriocity. Don't be
surprised if they add even more to that package before all is said and done.

SOE, meanwhile, is giving users a free month extension on
their subscription as well as one day for every day the network is down.

Working to the company's advantage are the famously short memories of gamers. They're quick to anger -- and vow a boycott -- but those feelings tend to be forgotten when a must-have game comes out. Case in point: Microsoft's infamous Red Ring of Death error. Despite an internet crawling with angry consumers telling tales of multiple busted systems, the company managed to not only rebound from the gaffe, but largely erased concerns via a smart redesign and successful blockbusters like Halo: Reach and Kinect.

The general public will be slower to forgive and forget Sony's massive security breach, but (assuming no more security bombs drop) within a year, this whole fiasco will be something most people rarely give a second thought.


View Comments (56)