The external intrusion, as Sony is wont to refer to it, into the PlayStation Network is kind of a big deal. Straight from their Q&A about the situation, Sony confirms that there are 77 million accounts that could possibly have completely compromised data. All data from the profile, such as name, email, birthday and address, plus maybe more, is in the hands of those who hacked the network.
Smooth move, Sony.
That said, they have finally announced that they have no evidence that credit card information had been gleaned. Unlike their personal data tables, they’d deigned to encrypt all of that. That hasn’t stopped people from coming out of the woodwork to blame Sony’s data leak for their own financial issues however. As other outlets have pointed out, that’s possibly due to being on high alert for such things.
Having established that this “intrusion” is a big deal, the question then becomes is it really a Big Deal like many are making it out to be? If Sony’s correct in stating that credit card data was safe from those pesky hackers, then it’s more likely that a PSN user will drown in their bathtub than have financial repercussions stemming from this breach. In fact, considering that the chances of that data being out in the open is close to nil, it’s more likely that a PSN user will do… anything rather than having financial repercussions.
In reality, the Big Deal that everyone seems to be concerning themselves with is almost a non-event for the average user. For a vast majority of people, all of that personal data that might now be out there in the aether could be found with a quick Google search. It’s surprising the number of people who volunteer information to be shared publically. With just a name and a general location, a plethora of information can be dug up on just about anyone. If nothing else, the RealID incident with Blizzard taught us that.
So, having eliminated any real threat to the common folk, the repercussions fall almost entirely on Sony. Due to their mishandling of the situation, they have opened themselves up to various forms of litigation. A class-action lawsuit already brews on the horizon. Add to that that there’s some speculation that storing personal data without encryption might land them in hot water in other ways as well.
But the week delay in notification and the very, very small chance that any issues arise from the theft have more or less put Sony’s approval rating in the toilet. Yes, the service is free to the public, but that doesn’t excuse the response time. It doesn’t help that it happened the week that Portal 2, Mortal Kombat and SOCOM 4 hit shelves. All three require PSN connectivity for many of their functions. Given that it’s been down this long, there’s no doubt that it’s hurt what might have otherwise been a phenomenal week for the PlayStation 3.
And now that any trust they had previously garnered is gone, Sony will have to build it back up again in ways that this writer can’t imagine. That, or they’ll simply chalk it up as a loss and move on. Either way, this whole saga has been one huge tech no-no after another. Sony failed to encrypt, failed to inform and just overall failed to keep up their end of the bargain. Their response—when it finally came—seems appropriate and thoroughly researched. But it came too late.
There are many folks out there arguing that Sony isn’t responsible for the attacks on their network; the real perpetrators are the criminals involved here. That isn’t entirely untrue. Sony the company is hurt most of all by this action, with the consumers being factored in as a tangential factor. It’s not about what those hackers will do with the information.
It’s that they were able to get it at all.