Feeds

PlayStation Network breach will cost Sony $171m

And counting

SANS - Survey on application security programs

The cost of a criminal intrusion that exposed sensitive data for more than 100 million Sony customers and resulted in a 23-day closure of the PlayStation Network will cost the company at least $171 million, executives said.

The estimated cost doesn't included expenses related to any lawsuits that may be filed in response to the security breach, which was discovered on April 19. The estimate includes expenses of an identity theft prevention program and promotional packages to win back customers, among other things.

"So far, we have not received any confirmed reports of customer identity theft issues, nor confirmed any misuse of credit cards from the cyber-attack," Sony told investors. "Those are key variables, and if that changes, the costs could change."

The figures supplied by Sony beats initial estimates of costs resulting from other large data breaches. In 2007, retailer TJX Companies set aside $118 million to cover a database hack that exposed data for at least 45.6 million payment card accounts. Heartland Payment Systems reserved about $105 million for lawsuits related to costs in an attack that allowed hacker and carder Albert Gonzalez to obtain records for as many as 100 million cards.

Some Sony PlayStation Network services still have not been brought back online. The PlayStation Store, for instance, remains down, closing a venue that allowed the company to sell downloadable games.

Sony said the effects of the March earthquake the struck Japan will be about $268.9 million. The company said its loss for the fiscal year that ended on March 31 will be about $3.18 billion. ®

SANS - Survey on application security programs

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.