Sony Apologizes for Network Breach, Aims to Resume Service

Sony Corp. apologized for the breach of its PlayStation Network and Qriocity services, and said it aims to resume the online gaming center by the end of the month after upgrading security.

Partial resumption of the services will likely occur in a week, Kazuo Hirai, Sony’s executive deputy president in charge of consumer products and network services, said in his first comments since the facility was shut down April 20. Hirai and two other officials bowed in apology at a press conference yesterday, and said the company can’t rule out credit card numbers and expiry dates having been stolen.

“We’re very sorry for causing troubles and worries to our customers,” said Hirai, the frontrunner to become chief executive officer. The company is cooperating with authorities including the Federal Bureau of Investigation to chase the intruder, he said.

“As long as there are no reports or Sony doesn’t see any evidence that the credit card database was hacked, that’s positive,” Jay Defibaugh, an a4nalyst at MF Global FXA Securities in Tokyo. “For his first real major test, Hirai held up relatively well.”

The shares rose 2.5 percent to close at 2,316 yen in Tokyo today, their first advance in six days. Last week, Sony slumped to the lowest level since July 2009 on concern the fallout will set back efforts to compete against Apple Inc. and Microsoft Corp. in online movies and games.

Regulatory Backlash

Sony is facing a regulatory backlash over delays in warning 77 million users about possible data theft by a hacker. The company alerted customers of the security breach on April 26, six days after closing the PS Network and Qriocity video-and music-streaming services.

The company is probing the extent of the data theft and hasn’t found evidence that information on 10 million registered credit cards has been leaked, it said in a statement yesterday.

Sony hasn’t received a damage report on misuse of credit card or personal data since its data center in San Diego was attacked between April 17 and April 19, Hirai said. Security codes are believed to be safe, he said.

The company may pay the fees to reissue customer credit cards and will consider compensation to users whose cards were misused by the hackers, Hirai said. Such payments and damages to revenue from PS Network and Qriocity services during the suspension may impact Sony’s earnings, he said.

Moody’s Rating

The Japanese maker of Vaio computers and Bravia televisions is due to report earnings for the year ended March on May 26.

Legal and technology costs are likely to increase because of the incident, further hurting Sony’s credit profile, Moody’s Japan K.K. said in a statement today. Sony has an A3 rating at Moody’s with a ‘stable’ outlook. Moody’s will continue to monitor developments regarding the data-security breach, it said in the statement.

A lawsuit filed April 27 in federal court in San Francisco alleges the delay left PlayStation users exposed to losses related to any credit-card data theft. Officials in Connecticut, the U.K. and Ireland began inquiries. The Italian Data Protection Authority said April 28 it will contact Sony to gather more information and Japan’s Ministry of Economy, Trade and Industry is also doing the same.

Sony issued warnings on April 26 saying users’ personal information such as e-mail addresses, birthdates, login information was stolen by a hacker between April 17 to April 19. Purchase history and credit card information may have been stolen, the company said at the time.

Google, Walt Disney

The company will upgrade the PlayStation 3 software before the service resumption and will ask all users to change their passwords, the statement said. Sony will also create a chief information security officer, it said.

Sony’s system has had attacks by hackers in the past few months, Hirai said. Involvement of so-called ‘Anonymous’ hacker group in the late April incident hasn’t been proven, he said.

Sony was singled out in a statement by a group of hacker-activists known as ‘Anonymous’ after the company sued George Hotz for posting online information about how to install alternative operating systems for the PS 3 game console. The group issued a separate statement denying responsibility for the PlayStation Network disruption, while saying some of its members might be behind it.

Hackers previously also targeted Sony along with companies including Google Inc., Walt Disney Co., and Johnson & Johnson, according to confidential e-mail discussing the subsequent investigation.

The network was introduced in November 2006 when the company started selling PlayStation 3 game consoles, according to Sosuke Kamei, a Tokyo-based spokesman for Sony’s game unit. The online services will remain core to Sony’s strategies and the company won’t delay introduction of networked products such as tablet computers and portable gaming devices, Hirai said.

Hirai was promoted as President Sony Computer Entertainment Inc. in December 2006, replacing Ken Kutaragi, developer of the PlayStation.

(Updated with closing share price in fifth paragraph.)
    Before it's here, it's on the Bloomberg Terminal. LEARN MORE