Sony today hosted a press conference in Japan to discuss the ongoing PlayStation Network and Qriocity outages and security breach. Executive Deputy President of Sony Kazuo Hirai took center stage, flanked by Chief Information Officer Shinji Hasejima and Senior Vice President of Corporate Communications Shiro Kambe.
The trio somberly bowed to the gathered reporters as Hirai said through a translator, “We’d like to extend our apologies to users we’ve inconvenienced and worried.”
Providing scant details on the “external intrusion” that lead to the voluntary shutdown of both PlayStation Network and Qriocity services on April 20th, Hirai confirmed it was a “highly sophisticated attack” by an intruder that “took steps to cover their tracks.” He maintained that there have yet to be official reports on credit cards being illegally accessed during the breach and that Sony is working with the FBI on a criminal investigation into the attack.
Hirai said that 10 million customers have registered credit cards on PSN, though it’s impossible to know how many were leaked online – or if they were at all. Regardless, he cautioned PSN members to “be vigilant” and continuously check credit card statements, as well as change any passwords for services like Facebook which may have been linked to Sony’s online service.
Last week several people came forth to various news outlets claiming they were victims of recent credit card fraud, suggesting a link to the Sony data breach. However, a direct connection has yet to be uncovered.
In light of the intrusion, Sony intends to take numerous steps to prevent such an attack in the future, such as: a complete data server move to a more secure center; advanced data encryption; additional firewalls; and new capabilities to better detect unusual activity.
Furthermore, a new position within the company will be created. The Chief Information Security Officer’s focus will be overseeing network security and customer information protection.
Hirai stated that Sony expects the PlayStation Network to begin coming back online over the next week, though stressed security was a priority; a complete re-launch is predicted within the month. Initially, the company wants to allow PSN members to reset passwords before fully re-instituting online play and the PlayStation Store.
Hirai admitted Sony is considering covering the cost of reissued credit cards for PS3 owners who have canceled theirs out of caution. He then detailed a special “Welcome Back” program for consumers as a “thank you” of sorts.
A free 1-month trial of Sony’s PlayStation Plus service will be offered to all PSN members, and those who already pay the $50/year subscription fee for cloud game data storage and myriad discounted content will similarly have one month of the service extended to them at no charge. Additional free content was also mentioned, but has yet to be named.
During a question and answer session, internet hacktivist Anonymous was mentioned by a reporter. Despite Hirai’s earlier confirmation that the group had indeed published information on Sony employees and their families online and launched DDoS attacks on public PlayStation websites, he clarified that there was nothing to suggest any connection with the most recent digital attack.
The hacker collective itself denied involvement in the recent network infiltration days after the PSN went dark. A week before the intrusion that set off the recent chain of events, Anonymous had announced a complete end to online operations aimed at Sony.
Sony has simultaneously updated its Official U.S. PlayStation Blog with a lengthy press release covering most of the information unveiled in the press conference.
Expect more news as we move into week two of the PSN outage.