May 17, 2011 7:08 pm

Sony chief braced for cost of hacker attack

Sony will lose money and customers as a result of the hacker attack on its PlayStation Network, Sir Howard Stringer, its chief executive, has warned.

In his first interview since taking the gaming network offline in late April, Sir Howard said Sony had not determined whether it will take a one-time charge related to the breach. But he acknowledged that the company is facing costs related to repairing and upgrading its online networks, lost revenues during the outages, and new identity theft insurance that it is offering customers.

More

On this story

IN Technology

“The charges sort of mount up, but they don’t add up to a number that we can quantify just yet, because we’re still investigating,” Sir Howard said Tuesday, noting that Sony will report fourth-quarter and full-year earnings next week. “We will obviously be including some of this in that, but it still won’t be a definitive number.”

Sony may see PSN users abandon the service in the wake of the prolonged outage, Sir Howard admitted, but he sought to downplay the risk of a mass exodus. “My guess is that we will not lose so many, and that we will recover them quickly,” he said. “I don’t anticipate extended damage. But obviously we’ll find out.”

The company has been buffeted by criticism since it revealed that a hacker had stolen personal information from PSN, the largest online gaming network, with more than 70m users. The company later admitted that the hacker also obtained data from Sony Online Entertainment customers, bringing the total number affected to more than 100m.

“This was an unprecedented situation for all of us,” Sir Howard said. “This was the largest cyber attack probably in history so far.”

Security analysts working with Sony have said that the attack was so sophisticated it would have been difficult for any company to withstand. But others have said the company failed to heed warnings and fix obvious security holes.

Sir Howard also said criticism that Sony waited too long to report the breach was unjustified. “We reported faster than anyone we can find. We had to know what was being stolen, rather than leaking information out piece by piece and panicking the customers,” he said.

The attack has sparked lawsuits and prompted the US Congress to propose new legislation. It has also drawn scrutiny to the amount of data stored in online entertainment networks which are increasingly important to technology companies including Apple, Amazon and Microsoft.

Sony said there was no indication that the stolen data has been used by the hackers for malicious purposes. “We have no information on identity theft and no evidence of [credit card abuses] yet,” Sir Howard said.

Sir Howard sought to put the attack on Sony in the context of the broader conflict among cyber criminals, companies and governments. “The good guys have to keep getting better, because the bad guys keep getting better too,” he said. “It’s a kind of escalating competition.”

On Monday the White House pledged to work more closely with other governments to improve the reliability of the internet while also cracking down on cyber crime, developments Sir Howard welcomed.

Sony began bringing PSN back online on Saturday afternoon. The service is not yet restored in Japan, however, and Sony would not say what specific measures the Japanese government is seeking before it approves the resumption of the service.

In the weeks since the attack, Sir Howard has put forward Kazuo Hirai, head of Sony’s consumer electronics division and Sir Howard’s likely successor, as the face of the response. Mr Hirai joined the roundtable interview by video conference, and said his team was working to repair relations with customers.

The company has also begun a company-wide review of cyber security, Sir Howard said. “We are examining security at every level of the company,” he said. “That’s been included in the investigations. We are sparing no expense.”

Yet, Sir Howard said that in a more volatile online world, it would remain a constant challenge for companies to protect themselves from hackers. “I don’t think you can say it will ever be 100 per cent safe.”

Additional reporting by Joseph Menn

Related Topics

Copyright The Financial Times Limited 2014. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.

NEWS BY EMAIL

Sign up for email briefings to stay up to date on topics you are interested in