The cost of Sony's PlayStation Network outage: $24 billion or $20 million?

Now that Sony has figured out that hackers stole personal records for more than 77 million PlayStation Network users, everyone wants to figure out how much the incident has cost the Japanese company.

The estimates today range from $20 million in lost revenues for a couple of weeks to $24 billion for the full costs of dealing with the consequences of losing control of customer data.

Michael Pachter, an analyst at Wedbush Morgan, estimates that Sony makes about $500 million in annual revenue from PSN sales of downloadable games, movies, music etc. So that comes out to about $10 million per week, with a 30 percent profit margin. Over two weeks of an outage (Sony said it would be down for another week as the system is rebuilt), Sony will likely lose about $20 million in revenue and $6 million in lost profit.

Sony will also likely have to compensate users for downtime, which could come in the form of credits for free usage. Sony may also have to incur some expense to indemnify customers against credit card and identity theft. Pachter believes those expenses will likely be pretty small, mainly because he believes the hackers probably wont fully capitalize on the stolen credit card data. If they really wanted a big score on that front, he reasons, the hackers would hit a luxury retailer.

But Forbes cited a study by the Ponemon Institute, a think tank on security, that estimated the cost per person for a data breach is $318. That means the potential cost of the PlayStation Network breach could be more than $24 billion. That’s probably a stretch, but it is a reminder of how much data breaches can cost a company. The loss for Sony’s reputation is probably immeasurable.

Sony said, “We recognize that this may have had financial impact on our loyal customers. We are currently reviewing options and will update you when the service is restored.”

Meanwhile, Sony issued its own new information on how much it knew about the data loss and when. Sony spokesman Patrick Seybold said on the PlayStation blog today that it learned there was an intrusion on April 19 and shut the online game and entertainment services down on the 20th. It then hired forensic analysis experts to find out what happened, and the experts finally notified Sony yesterday of the full scope of the breach. That, Sony said, is why it took so long to share the data loss with the public.

Sony said it is still investigating the cause of the attack, and it declined to say whether Anonymous or another online hacking group was responsible for the attack, which came from the outside. Sony said that as it rebuilds the system, it is adding new countermeasures to prevent future attacks. The company is also notifying all users who had their data compromised via email messages. But Sony says it will not contact users asking them to verify their credit card numbers, as that is what email scammers would do.

Sony’s PlayStation Home virtual world and its Qriosity music and video services are also down, but Sony Online Entertainment, which has massively multiplayer online games such as Free Realms, is available. SOE was also disrupted by an attack but recovered more quickly from it.

0 comments

Trackbacks

  1. [...] the costs of not prioritizing security are enormous. Recent reports estimated that Sony lost anywhere from $20 million (a few weeks of lost revenue) in to $24 billion [...]

  2. [...] personal attacks on individuals, attacks on the CIA and United States Senate and businesses like Sony and Bethesda Softworks. It’s overwhelming to even try and keep up with the daily drama [...]

  3. [...] on individuals, attacks on the CIA and United States Senate and businesses like Sony and Bethesda Softworks. It’s overwhelming to even try and keep up with the daily drama [...]

  4. [...] for nearly a week after the issue came to their attention. It already hurts Sony that the PSN blackout is costing them an estimated $24b but having to deal with a class action will make that figure just that much [...]

  5. […] thing, you risk not only your efforts in that space, but also your reputation apart from that.  How do you feel about Sony after their data breach in 2011?  A problem in this space, such as privacy breach, misuse of customer content and the like may hurt […]