The last few months have been quite a PR disaster for Sony: last month, the system got hacked for the first time, and information leaked, including emails, passwords and even credit card numbers. Then, after a period of downtime, the system gets hacked again, multiple times, and just after it was just starting to be phased back in, behold: an unresolved exploit has been publicized.
It all began when Nyleveia, a popular gaming site, reported on the exploit. According to the publisher, they had sent Sony an e-mail when the post was made. 15 minutes later, user login onto virtually all of Sony’s gaming services, including PlayStation.com, Qriocity.com and even gaming title websites, according to a post on PlayStation’s European message boards. This means that if you’re hoping to play your favorite games today, you’re out of luck.
Of course this raises the issue of whether Sony actually knew about the breaches and left them unpatched, or just didn’t do enough to ensure the system’s security. Sony’s CEO Howard Stringer dismissed those fears at an interview:
"This was an unprecedented situation," Stringer told reporters on Tuesday, speaking publicly for the first time since the April breach.
"Most of these breaches go unreported by companies. Forty-three percent (of companies) notify victims within a month. We reported in a week. You’re telling me my week wasn’t fast enough?"
Of course there is a cost to all of this, aside from the obvious maintenance costs. The company said it would be offering perks to its affected customers, including free downloads (which haven’t been announced yet) as well as a 30-day extension and upgrade to subscriptions. But of course this won’t mean much to those who rushed to the bank to cancel their credit cards in fear they might have been leaked.
There’s also the question of whether limited information about the exploit should have been publicly disclosed before it had been patched, but Nyleveia defended itself by pointing out that such information had already been publicized among the hacker community and bringing it to light of day was the best way to put a stop to it.
Will PlayStation subscribers say "enough" and move away from the service despite the exclusive offerings? Will Sony be able to recover from this PR nightmare? Definitely not until the system remains stable for over a week.
Update: Sony has just issued an official statement on the matter, dismissing reports that there was any hack involved. Both the PSN and Qriocity password reset pages were taken down by Sony because of a URL exploit, which was subsequently fixed. Full statement can be read here.