By now I’m sure you will have heard of Sony’s PlayStation Network (PSN) being hacked, 77 million account details stolen, Sony Online Entertainment having to go offline and may remain offline until the end of May. And if you haven’t, well, there you go. Bad times to be online at Sony.
There are a ton of articles out there about there about the event – Bio Break covers it, as does We Fly Spitfires, plus others – all with a range of views. It’s Sony’s fault, it isn’t Sony’s fault, they should have done more, every system is vulnerable to hacking, etc. At the end of the day Sony is responsible for the data they had obtained through the PSN / SOE and it is a huge black eye to have lost it all. Hacks happen, but you sure as hell don’t want them happening to you.
SOE having to take all its games offline is another major event, since as a virutally-oriented company, all SOE has is its online presence. Having built up trust with players and a reputation in the industry over more than a decade, this event scuttles a lot of that goodwill. Players simply can’t trust SOE to look after their personal details, which is a critical part of the player / game provider relationship.
I’ve seen some comments that since SOE / the PSN have been hacked, Sony will fix it and future data theft won’t be possible. Perhaps. Lightning can strike twice in the same place and right now being offline is costing Sony millions of dollars per day. There will be a lot of pressure to get something up, which won’t necessarily allow for a safe period of testing and re-testing to ensure things are working correctly.
Re-launch day will also see the servers hammered by players doing things like changing personal details and rushing back into their games, which will put stress on any new systems that have been implemented. Unfortunately any mistakes here are going to get double-hammered, especially if players are trying to unsubscribe – if they feel locked out of the system (again), expect to see claims of SOE “trying to keep their money”.
Personally, I’m taking this opportunity to reinforce my distrust of cloud computing.
Kate Bush Wasn’t Involved… This Time
Virtual companies have had hiccups before, and even outright failed, but I can’t think of another example on this scale, or one where the company is a market leader and going to try to come back to that position. It’s the worst case for such an online-based company as SOE as well – not only did they have to go offline, they just saw all of their client details taken as well.
At this point Sony has declared that no credit card information was taken, so it’s only your account name, account details and other personal information that’s been hacked. That’s still a pretty big deal for a number of people.
As internet speeds get faster and more services are being offered online, more consideration is being placed on having everything available on demand through the internet. It’s certainly convenient, but the issue is if something happens to the servers / the network, all that money you pay for access gives you nothing in return. Cloud services are great when the network is up and working, but lose that access and you are going to have to find some other way to spend your time. And since it’s all online, you don’t even have a shiny disk to distract you.
(Some may argue that what Sony offers through SOE and the PSN isn’t true cloud computing, and I get that. However, it’s close enough and reveals an event that any cloud-based system needs to think about: massive system compromise from a hostile source.)
I recognise that this is the case for any online title; plenty of them have been shut down, leaving players with nothing but useless DVDs and bad plastic maps in cardboard boxes. But that’s different to some extent – it’s a shut down, an ending. This is a sudden disruption to a service that should be continuous and plans to come back up at some point. It reminds people of the frailty of the system, which isn’t something you want your customers to look too closely at.
Players are still paying money, of course. All those sub fees that SOE is collecting during this time period (and yes, they are offering players a free month and bonus days to replace the ones they’ve lost) are for services not rendered. You could block those charges at your bank / financial provider level, but this might mean you lose your entire account if SOE flags you with a ‘bad charge’ and sticks a fraud label over it.
The PSN / SOE case could serve as a very interesting case study for how a big company recovers from such an event. It won’t be as simple as, “Hey everyone, we’re back, now everyone act like nothing happened…” for SOE. They’ll have to re-earn the trust of their players and the potential players they’ll want to attract.
It is also going to be interesting to see the impact on their newer titles. Everquest et al probably has a healthy zombie account and dedicated player population, but DC Universe Online has just given their new PS3 players their first experience of a MMO going offline, while a lot of people will eyeball the release of PlanetSide Next with more suspicion.
Plus it isn’t like there aren’t plenty of people who like to give SOE a kicking even if they’ve nothing wrong. Between losing all SOE account details sans credit cards and the NGE, SOE haters will have material for years to come.
And now, some music:
Cloud computing: I’ve been skeptical about it too, mostly because of the security problems. The more stuff you just put “out there somewhere” the more stuff digital thieves can nab.
Sony Online: I hope this is a devastating blow to the company. Not because I have any animosity towards them (I was just about to return to EQ2 and DCU when this hit), but because I want the lesson to get slammed home to everyone else out there: You cannot allow this to happen. Ever. Systems will get cracked, but if your business involves hang on to my identity/my money, and you fail to protect that, no one should entrust you with that information any longer.
Pingback: It’s Been An Interesting Week | Vicarious Existence