Hacking Sony

Written by Phin Upham

In the early morning hours of April 17, 2011, many gamers woke up to see what was new on the Playstation Network. Unfortunately, this group found their service inaccessible. Frustrated consumers began to call into Sony, demanding answers for the outage. It took Sony two weeks to confirm that they had suffered a network intrusion, which is becoming all too common these days. This is a brief look at the Sony hacking, including some takeaways for modern business.

A blog post on the Sony blog dated April 20th was the first indication that something was wrong. “We are aware,” the post said, “certain functions” were down. Sony tried to follow up with some good customer service a day later, telling customers they would be refunded for their lost time on the PSN outage, and thanking them for being patient while they conducted an internal investigation.

Behind the scenes, Sony was working on identifying what had exactly gone wrong. In a post dated April 26th, they explained that they were unsure of what caused the problem and did not wish to spook people unnecessarily with premature claims.

However, gamers were unsatisfied. They had not only lost their service, Sony was unable to immediately confirm whether personally identifiable information was stolen until weeks after the fact. This prompted the US House of Representatives to conduct a probe into the company’s conduct. Ultimately, hackers did pull personally identifiable information from Sony’s databases, one of the most prominent massive data breaches in recent memory.

Part of the issue was unidentified vulnerabilities, so one major takeaway is quality control. Developers are under deadline, so code is not always tight and secure. Proper testing will catch many of these issues before they happen. Communicate with your customer base and law enforcement and get the problem handled as soon as possible.


Phin Upham

Phin Upham is an investor from NYC and SF. You may contact Phin on his Twitter page.