Sony Corporation's Executive Deputy President Kazuo Hirai held a press conference on Sunday to address the PlayStation Network (PSN) hacking. During the event, Hirai apologized to gamers worldwide, and detailed a "recovery plan" for both the PSN and Qriocity services, which have been offline since hackers attacked them on April 19.
Coming in the same timeframe as the Amazon.com EC2 outage, could make consumers and businesses think twice about putting all their important information in the cloud, where hackers or outages could result in inaccessible or lost data. It comes at a time where consumers are being enticed to store their data in the cloud, with services such as Amazon.com's Cloud Drive and an upcoming Apple iCloud service.
According to Sony, its services will begin being restored later this week. The company will shortly begin a regionally-targeted "phased restoration," beginning with gaming, music and video services. Among the missing pieces will be the PlayStation Store downloadable games shop, which will not come online until later in May. Sony
also announced both a series of enhanced security steps, and a customer appreciation program known as the "Welcome Back" program.
Upon coming onstage, Hirai and other Sony executives apologized to users immediately. In addition, they bowed in front of the press present.
Speaking via a translator, Hirai said:
“This criminal act against our network had a significant impact not only on our consumers, but our entire industry,” Hirai said. “These illegal attacks obviously highlight the widespread problem with cyber-security. We take the security of our consumers’ information very seriously and are committed to helping our consumers protect their personal data. In addition, the organization has worked around the clock to bring these services back online, and are doing so only after we had verified increased levels of security across our networks."
Reports of PSN users seeing fraudulent credit card charges have arisen since the hacking, despite Sony's assurances that the CVV codes were not stored in their databases, and that the credit card numbers were encrypted. Addressing this, somewhat, Hirai added, “We advised customers to be vigilant” [about the credit card numbers and checking their credit card statements]
. Although reports coming from security firms monitoring hacker forums indicated that a group had boasted of 2.2 million credit card numbers, Hirai said that as many as 10 million credit cards numbers may have been stolen.
Many gamers play on PSN free, eschewing paying for the service, which explains the difference between the number of credit cards and the full number of players for the service. The full number is estimated to be about 77 million people.
Sony's "Welcome Back" program will included the following "central components."
- Each region will be offering selected PlayStation entertainment content for free download, with specific details of the content to be announced in each region "soon."
- All existing PlayStation Network customers will be provided with 30 days free membership in the PlayStation Plus premium service. Current members of PlayStation Plus will receive 30 days of free service.
- Music Unlimited powered by Qriocity subscribers (in countries where the service is available) will receive 30 days of free service.
- Additional “Welcome Back” entertainment and service offerings will be rolled out over the coming weeks as full functionality returns.
As part of the enhanced security measures, the PS3
will have a forced system software update which must be installed before users can sign into PSN again. In addition, all registered PSN members will have to change their account passwords. Finally, that password can only be changed on the original PS3 in which that account was activated, or through a validated email confirmation.
On closing, Hirai and the other executives apologized and bowed again. Hirai added that he would answer the questions sent to Sony from members of the U.S. Congress and added that he had not received reports of any actual fraudulent charges made related to the credit card numbers stolen. Sony continues to emphasize that the numbers were encrypted and the CVV codes, although requested, were not stored in the accessed database.