We’ve known for a few days now that the Playstation Network‘s recent downtime was due to outside intrusions, but it was only today that the curtain was drawn back, and the true extent of the security breakdown made evident. While there are likely thousands of furious PSN users who are wondering why it took so long for Sony to alert them that their personal information may have been stolen last week, Sony has quickly responded to allegations by explaining that as soon as they learned the extent of the infiltration, that information was shared with their customers. As it turns out, the delayed announcement was a result of just how much work it took to grasp the scale of the attack.
While it surprised few to find that Sony had fallen prey to crafty hackers after they took George ‘GeoHotz’ Hotz to court over a leaked root key for the PS3, few would have guessed that any hacker, no matter how resourceful, could gain access to the personal information of an unspecified number of PSN accounts.
Only yesterday the company was explaining the downtime by saying they were rebuilding their security systems, so many Sony faithful may have assumed that the worst of the situation had passed, and actions were being taken to prevent future PSN outages. But when Sony clarified today that PSN user accounts were hacked last week, serious answers were demanded.
How could it have taken this long to find out that PSN accounts were accessed? Had Sony learned of the fact days before announcing it? Sony’s Senior Director of Corporate Communications and Social Media Patrick Seybold has now explained the delay in a release to IGN, claiming that the announcement came so late because the extent of the intrusion simply took that long to unearth:
“There’s a difference in timing between when we identified there was an intrusion and when we learned of consumers’ data being compromised. We learned there was an intrusion April 19th and subsequently shut the services down. We then brought in outside experts to help us learn how the intrusion occurred and to conduct an investigation to determine the nature and scope of the incident.
“It was necessary to conduct several days of forensic analysis, and it took our experts until yesterday to understand the scope of the breach. We then shared that information with our consumers and announced it publicly this afternoon.”
Telling your customers that their personal information and credit card numbers may have been acquired illegally a week after the fact isn’t a great way to gain popular support, but it does change things. If the statement is truthful, then it’s hard to accuse Sony of dragging their feet with customer information at risk. Whether PSN should have been so vulnerable to attacks can still be debated, but not the response of the company.
Now that Sony has claimed that they made their customers aware of the nature of the breach as soon as it was uncovered, we’ll have to see if the jilted users believe it. While the company might like to forgive and forget, their customers may not be so eager to give them another chance, especially when they have alternatives.
Well PSN users, will you give Sony the benefit of the doubt that they responded as best they could, or do you think that the PlayStation Network drama has only just begun?
We’ll let you know when the system is back up and running, but for now it seems that Sony has their hands full.