What Can Sony Do to Regain Your Trust?

27 Apr 2011 | Posted by

PSN

By now, we’ve all heard about the massive data breach of the Playstation Network by a hacker of unknown origin. If this is somehow breaking news to you, IGN has a nice summation of the entire saga here. As someone who has a credit card linked to my PSN account, not to mention my undying desire to play Portal 2 co-op, I am pretty steamed. (Get it?)

Sony and the hacker both share a lot of blame and I don’t think Sony kept it secret for a week that our information was stolen, but the fact remains: Sony has lost the trust of its consumer base. Granted, there will be fanboys who defend them to the last breath, but those people don’t count. Also, one benefit from this fiasco: it makes it real easy to spot the fanboys.

So what will it take for Sony to win back your trust? Free loot? Cross-game chat? Paying for credit protection for 2 years, as some have suggested? Personally, I want all of the above and maybe a little more. I am disgusted by this whole thing and I want more than a silly email and some vague mutterings about checking my statement.

What say you? Has Sony lost you forever? Speak now or forever hold your PSN anger!

Source: IGN

23 Comments »

  • Julez said:

    I wouldn’t be too worried about your Credit Card information. It’s most likely someone just making a point and attacking them, rather than actually stealing their entire user-bases information for personal gain. It is a shame though. Cross-game chat is a must.

  • DirefulGnome said:

    I am not a PS3 user, but some of my friends are, and they’re pretty cheesed off. All of the things you mentioned would probably regain their trust, but even then, they wouldn’t see SONY the same way, I don’t think they ever will.

    On another note, Microsoft could have taken advantage of this situation. If Microsoft put a sale on the 360 (I’m not sure how much, but 25% and up?), and a sale on the Xbox Live Gold membership (about 25% again?), with a decent advertising campaign, Microsoft could win over quite a few gamers (my friend included). This may not be a strategic move at all, because I’m no expert in marketing, I just wouldn’t be surprised if they did this. I guess it would also be a bit of a scummy move.

  • Eddy said:

    I know Anonymous has said it’s not responsible for this recent attack, but honestly, when they first made a threat weeks ago I changed my password to something I didn’t care about and deleted my credit card from PSN. I figured it was only a matter of time since the hacker community was so riled up against Sony. Very glad I did that now.

  • Sean said:

    I wish I had changed my password. Once PSN is back up, thats the first thing Im doing.

    Sony needs to make amends for this. I think they should help those who loose information thats sensitive. They need to just re-do their system, its obvious its full of holes. I dont play much on my PS3, but I think they need to do a lot more to make it more secure.

  • Mitch said:

    [quote comment="16300"]I wouldn’t be too worried about your Credit Card information. It’s most likely someone just making a point and attacking them, rather than actually stealing their entire user-bases information for personal gain. It is a shame though. Cross-game chat is a must.[/quote]

    Didn’t something similar happen to Gawker with the expressed purpose of sending this kind of information out? Or am I remembering that incorrectly?

    As a non-PSN user, this doesn’t really affect me, but it is incredibly stressful to deal with. I have a couple friends who PS3 game exclusively, so I imagine they’re tearing their hair out over this.

    If anything, this has taught Sony a valuable lesson about not storing personal information as PLAIN TEXT.

  • Anthony (author) said:

    [quote comment="16301"]I am not a PS3 user, but some of my friends are, and they’re pretty cheesed off. All of the things you mentioned would probably regain their trust, but even then, they wouldn’t see SONY the same way, I don’t think they ever will.

    On another note, Microsoft could have taken advantage of this situation. If Microsoft put a sale on the 360 (I’m not sure how much, but 25% and up?), and a sale on the Xbox Live Gold membership (about 25% again?), with a decent advertising campaign, Microsoft could win over quite a few gamers (my friend included). This may not be a strategic move at all, because I’m no expert in marketing, I just wouldn’t be surprised if they did this. I guess it would also be a bit of a scummy move.[/quote]

    Agreed with all points. But Microsoft shouldn’t be too smug. The same can probably happen to them if the right hackers get motivated enough.

    It’s a damn shame.

  • Eddy said:

    Anthony, I’d like to think MS isn’t just storing their customers’ data in plain text format, and are at least using some form of encryption. Sony was hugely negligent on that part. I read this article going a little more in depth about it, and it’s absurd:

    http://www.eurogamer.net/articles/digitalfoundry-psn-security-scandal

    I agree that any hackers can get what they want when they set their mind to it… but Sony just kind of left everyone’s info on a silver platter. And then put that platter outside of the house.

  • awesome_ninja said:

    And there goes PSN down the drain…. maybe it’s time for Steam to take over? mwuahahahaha xD

  • JJ said:

    Apparently 1) credit cards were encrypted even though personal information was not and 2) they expect to have the system back up next week if they’re confident it’s secure. I’ve also read that the next system update will require a password change.

    http://blog.us.playstation.com/2011/04/27/qa-1-for-playstation-network-and-qriocity-services/

  • Anthony (author) said:

    [quote comment="16309"]Anthony, I’d like to think MS isn’t just storing their customers’ data in plain text format, and are at least using some form of encryption. Sony was hugely negligent on that part. I read this article going a little more in depth about it, and it’s absurd:

    http://www.eurogamer.net/articles/digitalfoundry-psn-security-scandal

    I agree that any hackers can get what they want when they set their mind to it… but Sony just kind of left everyone’s info on a silver platter. And then put that platter outside of the house.[/quote]

    Yeah, no one’s disputing that Sony messed up. As Jeff points out, the CC info was encrypted (allegedly). Though I didn’t know that at the time of my comment, it is encouraging to see.

    I was merely saying that I hope to not see any crowing from Microsoft (the company, not the fanboys) in light of the seriousness of it. This has nothing to do with defending Sony, but my anger at my personal information being stolen and if I see another multinational corporation acting douchy about it, I am going go to be pissed. Not that they have and not that I expect them to.

    And also, as I said, that doing so only invites karma to strike at them with great anger and furious vengeance, as someone bad ass once said.

  • Eddy said:

    Ah, I see now, Anthony. Good points.

    Also Jeff, at the rate that all these sites are being compromised, I’m running out of passwords…

  • JJ said:

    [quote comment="16316"]at the rate that all these sites are being compromised, I’m running out of passwords…[/quote]

    “AAAAAA” … “AAAAAB” … “AAAAAC” …

  • nevertell said:

    SERVES THEM RIGHT!

    Didn’t any of you know that your connection to PSN was never encrypted ? I mean, I could get your credit card info just by “listening” to what your router is sending off. Dammit, if was sitting on your wi-fi network (and that wasn’t encrypted), I would get to see EVERYTHING you send off and receive back from PSN. Now that the whole PSN has been compromised, it’s a good chance for them to repair the holes.

    But I hope they don’t use the same function for getting random numbers.

  • Anthony (author) said:

    [quote comment="16320"]SERVES THEM RIGHT!

    Didn’t any of you know that your connection to PSN was never encrypted ? I mean, I could get your credit card info just by “listening” to what your router is sending off. Dammit, if was sitting on your wi-fi network (and that wasn’t encrypted), I would get to see EVERYTHING you send off and receive back from PSN. Now that the whole PSN has been compromised, it’s a good chance for them to repair the holes.

    But I hope they don’t use the same function for getting random numbers.[/quote]

    The CC was encrypted.

    And “Serves them right”????

    Who? Me? I deserve to have my ID stolen? Sony deserves to be hacked? I fail to see what that has to do with anything. I would encourage you to think about the human element in a case like this.

  • JJ said:

    I wish we didn’t live in a world where the only time security flaws get fixed is when a bunch of assholes decide to hack a company to “prove a point”. As far as I can tell the only point they’re making here is “if you don’t let us hack one thing, we’ll hack a different thing. SO THERE!” Geniuses.

    I do think these kind of security fuckups can ultimately end up being positive when people respond by making their online presences more secure, but I’d much rather it be a proactive choice instead of a reactive one.

  • Anthony (author) said:

    [quote comment="16328"]I wish we didn’t live in a world where the only time security flaws get fixed is when a bunch of assholes decide to hack a company to “prove a point”. As far as I can tell the only point they’re making here is “if you don’t let us hack one thing, we’ll hack a different thing. SO THERE!” Geniuses.

    I do think these kind of security fuckups can ultimately end up being positive when people respond by making their online presences more secure, but I’d much rather it be a proactive choice instead of a reactive one.[/quote]

    I agree with that. It’s pretty messed up. As much as Sony messed up, I don’t think they brought it on themselves. They were trying to protect their product.

    On another site, I, perhaps, mistakenly, said that one hack probably leaves the system vulnerable to other exploits. I don’t know if this is true or not, I have no knowledge of such things, but…I said it anyway, haha.

  • SkubaPatr0l said:

    Hmn, an overhaul of PSN’s features WOULD be a nice form of an apology. I don’t have CC details on my account (Pre-paid cards for little ol’ me) so I’m not in TOO much shit. I just hope they fix it soon.

  • nevertell said:

    The connection itself was never encrypted.

    And I am not talking about the users of PSN, I am talking about Sony. Heck, I’ve got a ps3 myself.

  • Gadfly Jim said:

    @nevertell

    when a kid is being stupid while say climbing a tree you don’t wish he would fall and break his arm because it “serves him right.

    no one “deserves” to get hacked like this, I don’t wish harm to Sony for messing up the same way I don’t wish physical harm to the hacker. Because he is a human being!

    P.S. ok maybe just a little physical harm :)

  • defteats said:

    @Gadfly Jim

    Yeah, I’d kick the hacker in the balls if given the opportunity. If it was a woman, then falcon punch? Okay, that’s terrible.

  • DarkLight523 said:

    Despite Sony’s claims that credit card information tied to these profiles was not compromised, I’m still monitoring my Visa.

    Complaints over the shutdown’s inconvenience (no online multiplayer) seem trivial in comparison to the violation of our sense of safety and security.

    Ways Sony can regain my trust:
    1. Install an up-to-date security system.

    2. Have that security system operated by an independent company.
    More important than having a security system is eliminating the risk of coverup. Sony’s been less than transparent in regards to how the breach occurred, when it occurred, and why half a week passed before alerting about the breach. A security company that’s not a stakeholder in Sony’s business is less likely to attempt a cover up.

    3. Fire whoever made the decision to hold off on announcing the security breach.

    4. Make their termination very, very public.

    I don’t expect the last two conditions to ever happen. Even my second request seems unlikely. So I may never completely trust Sony again.

    I’ll always have Blu-Ray.

  • PPP said:

    I never use my original credit card information on the internet. I don’t know if you have this system in the USA but here we can create a virtual credit card at any ATM with the amount of money I want to spend. Even if I get hacked they can only use up to that limit and after 48 hours it expires. I even prefer this to Paypal. However I think Sony has to be more careful from now on. This things happen sometimes the only difference this time around is that it got public because it was too obvious. It is always better knowing than not knowing in my opinion.
    I hope everything gets fixed and I expect Sony to make emends and compensate all the hurt people in this process.

  • Anthony (author) said:

    [quote comment="16344"]Despite Sony’s claims that credit card information tied to these profiles was not compromised, I’m still monitoring my Visa.

    Complaints over the shutdown’s inconvenience (no online multiplayer) seem trivial in comparison to the violation of our sense of safety and security.

    Ways Sony can regain my trust:
    1. Install an up-to-date security system.

    2. Have that security system operated by an independent company.
    More important than having a security system is eliminating the risk of coverup. Sony’s been less than transparent in regards to how the breach occurred, when it occurred, and why half a week passed before alerting about the breach. A security company that’s not a stakeholder in Sony’s business is less likely to attempt a cover up.

    3. Fire whoever made the decision to hold off on announcing the security breach.

    4. Make their termination very, very public.

    I don’t expect the last two conditions to ever happen. Even my second request seems unlikely. So I may never completely trust Sony again.

    I’ll always have Blu-Ray.[/quote]

    I imagine they wanted to make sure they knew the extent before announcing it.