Sony PlayStation’s announcement that its database, which houses the details of over 77 million customers, was hacked could turn into the greatest data leak in history.
The Sony PlayStation Network, that allows gamers to play against users around the globe, listen to music and watch films has now been offline for over a week.
Although the shutdown meant pale-faced gamers actually stepped outside their darkened dens to enjoy some quality vitamin D intake over the sunny bank holiday weekend, Sony has been in the war room, counting the cost of its beleaguered security systems.
With its head bowed lower than a Call of Duty addict’s stoop, Sony admitted that it could “not rule out the possibility” that credit card numbers and expiry dates may have been obtained by hackers.
Gamers are now watching their accounts and inboxes, wary of illegal transactions and phising attacks and are likely to demand compensation should either occur. The Information Commissioner’s Office has also contacted Sony to determine whether it should press action.
Data analysts have predicted the information leak could cost Sony about $350 (£213) per customer data breach, but the company is likely to lose far more in trust.
While it is far from ideal that a global corporation like Sony could suffer such a massive security fail, many users have accepted that online, no network is 100% secure.
What was unacceptable was the six day silence between the PlayStation Network being shut down and the announcement about the potential personal data breaches.
Senior director Patrick Seybold’s excuse that “it took our experts until yesterday (Monday 25) to understand the scope of the breach” is unlikely to cut it with users who may have had their credit cards, passwords and mothers’ maiden names divulged.
Sony then waited until the following day (Tuesday 26) to actively contact customers individually by e-mail, despite sending out an official press release the previous day to the media.
The leak could not have come at a worse time for Sony, which took its first foray into the tablet market earlier this week.
Cynical onlookers may believe that the tablet launch was the real reason Sony delayed on informing its users about their data potentially being breached.
Sony’s communications team has now kicked into overdrive. Not only is it behind arguably its biggest product launch since the PlayStation 3, it is also having to deal with its biggest comms crisis since its flammable battery recall in 2006.
The crisis has been worsened by Sony’s failure to act quickly as soon as it realised the hack had occurred. And the rhetoric it has used on its blogs and e-mails almost pass off what could be – and let this be repeated – the biggest data breach in history as a technical hitch; a mere maintenance issue that will be resolved shortly.
Sony cannot be blamed for its hacked database, but it can and has been blamed for its timing. It owes its customers an apology and needs to invest in a mass communications campaign, beyond e-mail and blog posts to explain to users, on an ongoing basis, what they mean to the brand.
And, this time, it needs to act fast. Each day the network remains down, buzz about its tablet launch evaporates and gamers are migrating to PC networks, choosing Xbox 360s and dusting off their Nintendo Wiis.