Forbes reported a Sony press conference on Sunday where the company apologized for its recent Playstation Network (PSN) data breach:
"Kazuo Hirai, head of the company’s networked product division began by saying that, 'we’d like to extend our apologies to the many Playstation Network and Qtriocity service users who we inconvenienced and worried because we potentially compromised their customer data. We offer our sincerest apologies.' ”
Sony executives at the press conference included Kazuo Hirai (Corporate Executive Officer, Executive Deputy President and President of Consumer Products & Services Group), Shinji Hasejima (Senior Vice President, Corporate Executive, Chief Information Officer), and Shiro Kambe (Senior Vice President, Corporate Communications). The company confirmed that PSN customers' passwords were not encrypted and were hashed. The company promised to offer several freebies and premium content for its customers affected by the data breach under a "Welcome Back" appreciation program.
A PSN press release on Sunday repeated much of the information from the press conference (video), the company said that some PSN and Qriocity services, which were shut down immediately after the data breach. The company expects to resume full services within a month. The order of planned resumption of services:
- Restoration of Online game-play across the PlayStation®3 (PS3) and PSP® (PlayStation®Portable) systems. This includes titles requiring online verification and downloaded games
- Access to Music Unlimited powered by Qriocity for PS3/PSP for existing subscribers
- Access to account management and password reset
- Access to download un-expired Movie Rentals on PS3, PSP and MediaGo
- Friends List
- Chat Functionality
Sony emphasized that it will not ask PSN customers for passwords via e-mail, and asked customers to be alert form phishing spam. Sony also summarized its efforts to strengthen the security of its networks:
- Added automated software monitoring and configuration management to help defend against new attacks
- Enhanced levels of data protection and encryption
- Enhanced ability to detect software intrusions within the network, unauthorized access and unusual activity patterns
- Implementation of additional firewalls
The Welcome Back program makes sense as customer churn is one of the largest expenses companies experience after a data breach.