Sony (SNE) delivered the bad news to its PlayStation customers: personal information for its 70 million PlayStation Network customers had been compromised. Sony couldn't even rule out that intruders might have snagged credit card info.
That breach makes the recent Epsilon marketing services break-in seem like nothing in comparison. Apparently there have been only four breaches involving more consumers. Sony had to shut down its video downloading and gaming network, as well as its subscription music service Qriocity.
The level of blunder and the ham-handed way in which Sony dealt with the issue paints a picture of stupid management, grossly negligent operations, and the single best argument of why gaming customers should turn to Microsoft (MSFT) and its Xbox 360. And lord only knows how many other companies are just waiting to prove themselves as dangerously clueless.
To grasp how badly Sony has performed, consider the recent timeline:
- Someone broke into Sony's networks between April 17 and 19 and stole data. Apparently, there is evidence that the people involved learned their methods from an attack by hacktivist group Anonymous at least a week before.
- Users first realized that PlayStation Network was unavailable on April 21.
- Six days into the network being down, Sony had "only vaguely acknowledged" an attack.
- Finally Sony acknowledged what happened.
Sony brought in outside security people, but not in time to fix the known issues that might have allowed the attackers entrÃ©e in the first place. And the culmination of Sony's latest message about the mess was a beaut:
We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions.Quite the apology. What else are people supposed to do other than be patient? It's not as if they have a lot of recourse at the moment ... well, other than a class action suit. Expect the lawyers to begin sniffing around for an opportunity.
As far as keeping customers, the only thing working in Sony's favor is the fact that many millions of them have bought hardware that requires the company's networks. Talk about giving Microsoft a marvelous opportunity. Can you imagine a trade-in program that let PlayStation users move to Xbox 360?
It would serve Sony right, because this is a problem that clearly had a solution, only the company wasn't interested enough it actively dealing with security issues. I wonder how much larger the bill will be for mopping up all the managerial excrement that has hit the ground.
- The Epsilon Email Break-In: A Bad Break for The Cloud
- It's Way Past Time for Corporations To Stop Hiding Security Problems
- A PlayStation Phone Won't Fix Sony's Gaming Businessd
- Gaming Companies, Like Much of High Tech, Often Don't Understand Customers