• Home
• Telecoms & IT
• News Article

Sony could lose billions after PlayStation security breach

Saturday, Apr 30, 2011

Gulf News

Dubai The theft of 77 million account user records by hackers who breached PlayStation Network (PSN) may not only present financial risk for users who shared their credit card details with the network.

Sony -owned PlayStation may be staring down losses of tens of billions of dollars to contain and repair damages caused by the April 19 intrusion into the online gaming network.

The Ponemon Institute, a data protection research firm, in its US Cost of a Data Breach report released only weeks before the PSN intrusion, said that malicious attacks on organisations have shot up 7 per cent in 2010 to an average cost per hacked company of $7.2 million (Dh26 million).

“For the first time, malicious or criminal attacks are not the least common cause of breaches — 31 per cent of cases involved malicious or criminal attack,” the report stated.

Breach costs for malicious attacks skyrocketed — 2010 cost per compromised record averaged $318, up $103 (48 per cent) from 2009.

Loss of trust

Applying the Ponemon formula’s cost per compromised record figure to the hacking of PSN could see the Sony subsidiary facing more than $24 billion in damages.

Speaking to the latest data breach report, Dr Larry Ponemon, Chairman and Founder of the Ponemon Institute, said in general terms on his blog that “individuals still care deeply about their personal information and they lose trust in companies that fail to protect it”. “It’s not only direct costs of a data breach, such as notification and legal defence costs that impact the bottom line for companies, but also indirect costs like customer business due to abnormal churn,” he said.

The jump in malicious attacks to 31 per cent this year, up from 12 per cent in 2008, suggests the electronic environs for companies are rife with danger. “The significant jump in malicious attacks over the past two years is certainly indicative of the worsening threat environment,” Ponemon said.

Increasing malicious attacks are costing companies more money, he said, “because they are harder to detect, the investigation is more involved and they are more difficult to contain and remediate. Another reason malicious attacks are so expensive is the criminal is out to monetise their work; they’re trying to profit from the breach.”

If financial gain was the impetus behind the PSN attack, hackers could cash in on possible exposure of credit card information from the Middle East where more than one million users are registered with the online gaming network.

PlayStation numbers show of that number, there are 27,000 PSN users with credit cards, 14,000 of whom reside in the UAE.

Professor Ajit Karnik, an economist in Dubai who teaches at Middlesex University Dubai, told Gulf News it’s difficult to gauge how the PSN breach will play itself out in coming weeks and months. “There will be strong financial and non-financial costs. Obviously if credit card details have been leaked then the costs could be enormous but it is not clear if this has happened. In the absence of actual fraudulent credit card usage, the only costs are non-monetary: the pain involved with cancelling existing credit cards and getting new ones,” he said.

Costs involved

“There are some costs involved here but it’s just the cost of plastic and transporting the cards to the credit card holders. However, the apprehension of credit cards being compromised will result in lawsuits against Sony which will cost it enormously — just how much will only be known if the case is settled against Sony . Users of PSN will also have to change their passwords on other accounts whose details have been compromised. Sony itself will have to fix the problem that has been created and this will involve a huge expense.”

There is also the long-term impact of the loss of some existing customers who may feel they have been let down.

“I would think there would be and the impact would be even greater if a competitor could take advantage of the problem Sony is facing. The loss of goodwill would take a long time to recover and this will be felt in terms of lost sales of the product of the company,” Karnik suggested.

By Derek Baldwin?Business Features Reporter

© Gulf News 2011. All rights reserved.