Skip to main content

Into the Breach

Sony's PSN security breach looks disastrous - but it's so much worse than that.

Dark blue icons of video game controllers on a light blue background
Image credit: Eurogamer

Published as part of our sister-site GamesIndustry.biz's widely-read weekly newsletter, the GamesIndustry.biz Editorial, is a weekly dissection of an issue weighing on the minds of the people at the top of the games business. It appears on Eurogamer after it goes out to GI.biz newsletter subscribers.

In spite of the entirely justified anger which consumers are feeling towards Sony this week - and as a consumer whose debit card has just been compromised by the security breach, while I'm living halfway around the planet from the bank which issued it, no less, I think I can speak with some authority on that anger - it's hard not to feel a little sorry for the workers at the coalface of this disaster. "Disaster" is truly the only word for it, and one flinches to imagine just how awkward life is right now for the network engineers and security specialists whose job it was to prevent such a breach.

After all, as some of the company's more ardent defenders have pointed out, it's not like Sony are the malicious party here - a determined group of hackers (but not the "Anonymous" group, as was originally assumed) illegally breached the company's security. PlayStation fans rushed to Sony's defence on those grounds; games business types, while not exactly leaping into the breach, have been vaguely muttering about the "real villains" - the implication being that consumer ire is misdirected.

Not so; consumers are quite right to be furious at Sony for this breach. Certainly, the breach was committed by hackers, but the trust relationship which has been broken here is the one which exists between consumers and the company to whom they have granted permission to hold their personal details. Consumers don't have a relationship, trusting or otherwise, with hackers. They have a relationship with Sony, and that relationship is predicated on Sony's assurance that it is a competent and responsible holder of personal data.

Forced to admit to the scale of the disaster, Sony looks incompetent and bungling.

There's absolutely no question but that this is a hugely damaging blow to Sony, and to the PlayStation in particular. The PS3 has already faced fairly significant market challenges, not least of which is the clear inferiority of the PSN services in comparison to Microsoft's more functional and widely-used Xbox Live services. Clawing back the one-year sales lead enjoyed by Microsoft has been a tough task, arguably exacerbated by the technical and economical problems created by the PS3's over-ambitious yet poorly considered hardware design. This week's scandal shoves a stick into the spokes of that effort to best Microsoft's market position.

Even if the actual damage caused by this intrusion is minimal - and there's some suggestion that it was designed to embarrass Sony rather than to actually steal customer data, being a revenge attack of sorts for Sony's recent legal and technical attempts to prevent the opening up of the PS3 to homebrew code - the reputation damage is incalculable. Forced to admit to the scale of the disaster, Sony looks incompetent and bungling; by doing so so many days after PSN originally went offline, the company looks dishonest (even if there's a genuinely good reason for the delay, as the firm claims).

Loss of face aside, though, just how seriously will this damage Sony? We've seen all manner of predictions on that front, spanning everything from the inevitable claims that it's a storm in a teacup through to the equally inevitable (and equally incorrect) claims that this is the end of the PS3 as a viable platform.

That's obviously not the case - it's ridiculous to claim that gamers are going to abandon a successful hardware platform in which they are heavily invested because of an event such as this. The negative press, however, reaches far beyond specialist sites and blogs, and will absolutely influence purchasing decisions in the months to come, depressing Sony's sales and probably giving its rivals an opportunity to extend their installed base leads - a serious blow to the company. Moreover, unless a swift resolution is reached, the story will inevitably rear its head again when the NGP, a handheld console heavily reliant on PSN, makes its way to the market.

Those are short-term impacts of the breach, though, and however severe they may be, I'd argue that they pale in comparison to a long-term effect which is more subtle, but potentially absolutely catastrophic for Sony's future business plans. In blunt terms, Sony just lost the single most valuable asset for a major player in the digital media space - consumer trust.