Sony outlines PlayStation Network revival plans
Creates security officer position, promises incentives for gamers
At a Tokyo press conference this morning Sony executives apologised for the PlayStation Network outage that has seen the theft of millions of gamers' personal data - possibly even credit cards.
Sony revealed its "Welcome Back" programme designed to reward customers affected by the outage.
Sony will offer "selected PlayStation entertainment content" for free download on a region by region basis. It will announce the content soon.
All existing PSN customers will get 30 days free membership in the PlayStation Plus service. Existing PS+ customers receive 30 days free. Qriocity subscribers receive 30 days free.
Sony promised more Welcome Back "entertainment and services" over the coming weeks as PSN is turned back on. Sony reconfirmed the news that some PSN and Qriocity services will be available this week. Sony will first turn back on gaming, music and video services.
Meanwhile, Sony went into a bit more detail on last week's cyber-attack that rocked the game industry and left personal data tied to 77 million PSN accounts stolen.
Sony has implemented a variety of new security measures to provide greater protection of personal information. Tests have been conducted with third-party security experts to verify the strength of PSN, and the job of Chief Information Security Officer has been created to "add a new position of expertise in and accountability for customer data protection".
The new security measures include:
- Added automated software monitoring and configuration management to help defend against new attacks.
- Enhanced levels of data protection and encryption.
- Enhanced ability to detect software intrusions within the network, unauthorized access and unusual activity patterns.
- Implementation of additional firewalls.
Sony has come under fire for not encrypting personal data, such as passwords. In the UK the Information Commissioner's Office plans to discuss the security failure with Sony to see whether it was in breach of the Data Protection Act.
But Sony has insisted it encrypted credit card information, and this morning stressed that it has found no evidence "at this time" that credit card data was stolen.
Hirai confirmed the number of exposed credit card numbers was about 10 million. Sony is unsure if those card numbers were actually stolen, and it doesn't know if hackers are trying to use them in fraudulent purchases.
Once PSN comes back online, it will force a system software update that requires all registered PSN users to change their account passwords. The password can only be changed on the same PS3 in which that account was activated, or through validated email confirmation.
"This criminal act against our network had a significant impact not only on our consumers, but our entire industry," Sony deputy president Kazuo Hirai said.
"These illegal attacks obviously highlight the widespread problem with cyber-security. We take the security of our consumers' information very seriously and are committed to helping our consumers protect their personal data. In addition, the organization has worked around the clock to bring these services back online, and are doing so only after we had verified increased levels of security across our networks.
"Our global audience of PlayStation Network and Qriocity consumers was disrupted. We have learned lessons along the way about the valued relationship with our consumers, and to that end, we will be launching a customer appreciation program for registered consumers as a way of expressing our gratitude for their loyalty during this network downtime, as we work even harder to restore and regain their trust in us and our services."
Sony is working with law enforcement to track down and prosecute the hackers, it said.