PlayStation Network Hack Will Cost Sony $170M

alphadogg writes "Sony expects the PlayStation Network hack will cost it $170 million this financial year, it said Monday. Unknown hackers hit the network gaming service for PlayStation 3 consoles in April, penetrating the system and stealing personal information from the roughly 77 million accounts on the PlayStation Network and sister Qriocity service. A second attack was directed at the Sony Online Entertainment network used for PC gaming. Sony responded to the attacks by taking the systems offline." Does the $170 million figure include compensation for PSN subscribers who suffered from the outage?

Define "suffered from the outage"

[Whatanut]

Let's be honest. This is an outage of an entertainment network. I don't think anyone can really claim they suffered due to it not being available. If anything they may have gained by the fact that they did something else.

Now, if you want to argue that people are suffering due to the information loss, I'll go with that one. But not from the outage itself.

Re:Define "suffered from the outage"

[Blackwulf]

I imagine publishers that make their living selling downloadable games on PSN suffered from this outage in a highly economic way.

Compensation is Peanuts

[Sonny+Yatsen]

Look, the compensation that Sony is giving out in the aftermath of the PSN attack is peanuts. It doesn't cost them a hell of a whole lot to set up. The free two games? Sony already has deals set up with developers to provide "free" games to PSN plus subscribers, the additional cost of a few extra free games to all subscribers (who might not even take advantage of it, since most of these games are ancient and they probably already have it) is marginal, at best. The one month of free PSN+ for subscribers doesn't cost much, either, since it's only a small minority with PSN+ accounts. I'd doubt that the compensation would cost them much more than a few million dollars at best.

Re:Was it worth it?

[tepples]

The community is big, Sony is small

Then why doesn't the community organize to buy 51% of SNE, or at least enough stock to get someone on the board?

Seems "light"

[Archangel+Michael]

The estimate seems a tad "light". That might be direct costs (compensation, credit monitoring, lost revenue during outage etc), things that can be measured directly. However I'm sure that there is a a huge hidden cost that is not being included. I can't imagine it being anything less than half a billion in related losses. People think security is expensive. Lack of security is even more expensive.

Sony is no longer the paragon of technology they once were in the days of the Walkman.

Re:Yeah, but they can make it up in volume

[mlts]

I doubt it. Come September, things will be exactly business as usual with the PSN breach completely forgotten about by then.

I also doubt Sony lost much money. They might have lost a little bit handing out subscription time to compensate, as well as hiring some consultants to maybe add an IDS/IPS system in some places. However, realistically, their losses from the PSN breach are negligible, probably less than it costs to do a promotion of a new game.

Call me cynical, but a lot of firms know that they can skimp on security because it doesn't make them money. If they get breached, they make a token effort to "clean it up", and business goes on. It is going to take governments stepping in, and having nasty criminal/civil consequences happen to companies who go lax on internal security for this to ever change.

Re:Was it worth it?

I thought Sony started the fight when they tried to secure for themselves hardware that they did not own.

Re:Was it worth it?

[ALeavitt]

They obviously had someone on board, or OtherOS never would have been available in the first place. Because they had someone on board, they purchased PS3s. Then somebody else made the decision to retroactively remove functionality from the devices that they purchased, and they felt rightly outraged. It shouldn't be necessary to be a stockholder to expect that the consumer devices that you purchase won't be remotely disabled without any recourse in what essentially amounts to a bait-and-switch.

Won't cost Sony a dime

[Fujisawa+Sensei]

The hack won't actually cost them a time.

The compensation will be in the form of a PSN+ subscription. But you will still have to cough up a credit card or something. Then it will be the users responsibility to unsubscribe when the free subscription is up. Most of the Sony lemmings won't notice until the CC bill arrives, then they will already be in the second month of service and have to pay for that too.

So Sony is still going to make money from the deal.

Re:Was it worth it?

[mlts]

I think their next step is going to be wringing their hands in front of Congress asking for tougher laws against "hackers". Laws demanding hardware DRM stacks, ACTA, Son-of-ACTA, and other stuff (which have little to do with hacking, but a lot to do with basic free speech.) I'm sure they will be labelling the people who "jailbroke" the PS3 as the same people who stole their credit card data.

When trying to talk to the GPU

[tepples]

No, Sony started the fight by making half the system's RAM off-limits to homebrew. The Other OS hypervisor didn't provide any sort of 3D or 2D acceleration or even a well-defined method to use otherwise unused VRAM as a RAM disk. As I understand it, the only way Geohot and others tried to "hack the PS3's security" before this whole incident was just to try to do basic things with the GPU.

Re:When trying to talk to the GPU

[Duradin]

So basically Sony started it by trying to pander to the homebrew crowd. Shame on them for releasing the PS3 at all then.

Hopefully you'll be satisfied when no one will dare make any sort of move that could be viewed as friendly to the homebrew crowd lest they draw similar ire.

Re:When trying to talk to the GPU

[asdfghjklqwertyuiop]

I know. How generous and thoughtful of Sony to do something like accept that people should be able to use their own personal private property however they like. They should be nominated for a nobel prize. All those criminals who would do something so heinous as to write their own code should be thrown in jail immediately.

Re:And for Developers/Publishers?

[kimvette]

And how do you propose they recoup the lost confidence from their developers and publishers [slashdot.org]?>

Stop being so evil, for starters.

Sony's motto as of late seems to be: "Do as much evil as possible."

And now they are reaping what they have sown. I don't agree with the script kiddies' actions against Sony (i'm partial to destroying them economically through large-scale boycott) but Sony did have it coming to them. Taking away the OtherOS option (which is fraud; a bait-and-switch move by removing one of the key selling points) and then suing a customer who decided to take the functionality back was probably just the final straw. After installing rootkits (infringing on GPL'd code copyrights in the process) to customers' systems (a felonious act; accessing computer systems without authorization), falsely advertising product, building shoddy product and having some of the worst customer service in existence, are they actually surprised they are the target of script kiddies everywhere?

They invited it through their actions.

Re:And for Developers/Publishers?

[TheReaperD]

OtherOS was never a selling point to the vast majority of PS3 owners who probably never knew you could install Linux on the thing.

With the exception of programmers and high-end hackers... Which just happens to be the people Sony pissed off. The script kiddies just joined in for the fun after the fire fight started. This is very much a Sony created problem.

Re:And for Developers/Publishers?

[thsths]

> And as well all know, you can still have OtherOS if you want, you just won't be able to access PSN. It's your choice either way.

I'll cut of one of your arms, and you tell me which one. It is your choice, and therefore your fault if you lose the right arm (or the left).

Even the strongest Sony fanboy should see the flaw in the argument.