Sony battles to regain trust after data breach
TOKYO (AFP) – Japanese entertainment and technology giant Sony faces a battle to regain the trust of millions of consumers after online networks integral to its strategy were hacked, say analysts.
One of the biggest data breaches since the advent of the Internet could cost it around $1 billion, but deeper damage to Sony’s brand image could undermine efforts to link its gadgets to an online network of games, movies and music.
“It is difficult to make profits on such devices without networking functions,” said Mizuho Investors Securities analyst Nobuo Kurahashi. “What is necessary is for Sony to restore consumer confidence.”
The cyber attacks on Sony in recent weeks involved the theft of personal data that include names, passwords and addresses from more than 100 million accounts on its PlayStation Network and Sony Online Entertainment services.
Sony has said it cannot rule out that millions of credit card numbers may have been compromised and has delayed the planned restart of PlayStation Network and Qriocity music streaming services after shutting them down.
Already reeling from the impact on production and output of Japan’s March 11 earthquake and tsunami disaster, analysts say Sony faces further costs in beefing up security and compensating consumers.
The breach is a blow to the firm’s drive to push its content through its game consoles, smartphones and tablet computers amid competition from Apple’s iTunes and App store and hardware rivals such as Nintendo and Samsung.
Consumer trust in security is crucial to the success of such “cloud-based” systems, say analysts, and the fact that Sony failed to encrypt some of its customers’ personal data has undermined confidence, they say.
“The network strategy is very important to Sony, and is representative of their efforts to move away from one-off sales of hardware and toward monetising a vast content library and adding a competitive edge to their hardware,” said Jay Defibaugh at MF Global in Tokyo.
“Anything that undermines consumer confidence in providing credit card information to Sony is a negative for the network strategy. The key point is whether Sony will be able to get consumers to move on after this incident.”
The Playstation Network system was launched in 2006 allowing gamers to compete online, stream movies and access other services via the Internet.
Along with the Qriocity music streaming service, it was shut down on April 20 following the breach and has remained offline as the company upgrades security and works with the US Federal Bureau of Investigation.
The company’s CEO Howard Stringer in a recent blog post tried to stem the anger of users furious that it did not admit the full extent of the security risk until a week after shutting the services down.
“I know some believe we should have notified our customers earlier than we did. It?s a fair question,” he said.
“I wish we could have gotten the answers we needed sooner, but forensic analysis is a complex, time-consuming process.”
But customers remained furious, with one posting: “You should not have sat upon your laurels when the information became available, the breach should have been made public knowledge immediately, not a few days after the fact.
“I have lost a lot of faith in Sony,” read another.
Some estimate the incident could cost the company over a billion dollars as it takes steps to protect customers and entice others back online with free offers.
“I have seen estimates of anywhere from $1 per customer to $10,” said Defibaugh. “$100 million is marginally material for Sony, whereas 80 billion yen ($1 billion) is clearly material for a company that generated operating profit of between 200 billion and 250 billion yen last quarter.”
As of Thursday’s close, Sony shares are roughly 5 percent lower than before the crisis. It is being sued in a US court by gamers who have accused it of being negligent and breaching its contracts with PlayStation Network users.
However, news that the entertainment giant will offer US PlayStation Network and Qriocity users free enrollment for 12 months in an identity protection programme — including a $1 million insurance policy per user if they become victims of identity theft — has drawn a more positive response.
“At least they are doing the right thing to protect us,” wrote another user. Sony has said it is working to make similar programmes available elsewhere.
The breach is also the latest test for Kazuo Hirai, a longtime executive credited with expanding the firm’s PlayStation Network system and named as the frontrunner to succeed Stringer.
The day after Hirai was named, Japan was hit by the 9.0 magnitude quake and tsunami, forcing Sony to shut some plants due to supply problems.