The PlayStation Network breach and outage became a formative consumer-security story in the early 2010s. What began as a network intrusion turned into a 23-day outage that exposed the personal information of 77 million users.
The Attack
Between April 17 and 19, 2011, attackers exploited a vulnerability in Sony's network infrastructure. The breach exposed names, addresses, email addresses, birth dates, and encrypted passwords. Sony later confirmed that some credit card data may also have been accessed.
The Response
Sony took the unprecedented step of completely shutting down the PlayStation Network for 23 days while they investigated and rebuilt their security infrastructure. The move cost the company an estimated $171 million in direct costs and lost revenue.
Long-Term Impact
The breach fundamentally changed how gaming companies approach security. It demonstrated that gaming networks were high-value targets and that consumer trust could be severely damaged by security failures. The incident led to:
- Mandatory two-factor authentication in gaming services
- Enhanced breach notification laws
- Industry-wide security audits
- Improved encryption standards for stored data
Impact: 77 million users affected, 23-day outage, $171 million in costs, and lasting changes to gaming industry security practices.