PlayStation Network breach will cost Sony $171m

And counting

The cost of a criminal intrusion that exposed sensitive data for more than 100 million Sony customers and resulted in a 23-day closure of the PlayStation Network will cost the company at least $171 million, executives said.

The estimated cost doesn't included expenses related to any lawsuits that may be filed in response to the security breach, which was discovered on April 19. The estimate includes expenses of an identity theft prevention program and promotional packages to win back customers, among other things.

"So far, we have not received any confirmed reports of customer identity theft issues, nor confirmed any misuse of credit cards from the cyber-attack," Sony told investors. "Those are key variables, and if that changes, the costs could change."

The figures supplied by Sony beats initial estimates of costs resulting from other large data breaches. In 2007, retailer TJX Companies set aside $118 million to cover a database hack that exposed data for at least 45.6 million payment card accounts. Heartland Payment Systems reserved about $105 million for lawsuits related to costs in an attack that allowed hacker and carder Albert Gonzalez to obtain records for as many as 100 million cards.

Some Sony PlayStation Network services still have not been brought back online. The PlayStation Store, for instance, remains down, closing a venue that allowed the company to sell downloadable games.

Sony said the effects of the March earthquake the struck Japan will be about $268.9 million. The company said its loss for the fiscal year that ended on March 31 will be about $3.18 billion. ®

Sponsored: 5 critical considerations for enterprise cloud backup