Sony Considers Reimbursing Credit Card Replacement Costs in Light of Data Breach [Update]S

In this morning's news conference, Sony Computer Entertainment head Kazuo Hirai said the company would consider covering costs associated with reissuing credit cards to PlayStation Network subscribers who feel their accounts have been compromised by the massive data breach of April 20.

Update: The entirety of the news conference, including reporters' questions, translated into English, may be viewed here.

Hirai, noting that there have been no confirmed incidents in which fraud was committed with a credit card number stolen from the PSN breach, said the company has asked the FBI for a criminal investigation of the matter.

While there are 77 million accounts in the PlayStation Network, some are are held by the same household or person. Hirai said the owners of 10 million PSN accounts have been notified that their credit card information may have been compromised. However, the three-digit CVV number on the back of the card, required for purchases over the Internet, was definitely not compromised.

The replacement of a lost or stolen credit card is typically done for a customer for free, but to banks there is a cost of printing, processing and mailing the cards, plus a cost of lost business while the customer waits for a new one. Earlier in the week, news reports pegged the transactional costs of card replacement at between $3 and $5 per card. It's unclear who Sony would compensate, if it does, or if enough cardholders will ditch their cards to make it an issue that banks complain about to Sony.

Also in comments at this morning's news conference in Japan:

• Hirai apologized to Sony customers. "We would like to extend our apologies ... because potentially compromised their customer data," Hirai said, according to Gamasutra. "We offer our sincerest apologies."

• Hirai called out Anonymous by name. While he did not accuse the leaderless hacktivist collective of being behind this breach, Hirai noted past attacks for which Anonymous hackers did claim responsibility, including the publshing of personal information about Sony's top management, including information about their children.

• Hirai answered why Sony did not inform its users about the breach sooner. He said Sony shut down the network to prevent any further damage, then hired three companies to analyze the network. The size of the analysis and the gradual nature of the investigation, plus the time it took to wind down PSN to be ready for that examination, accounts for the delay, Hirai said.

• Hirai noted that. in light of the attack on Sony's San Diego data center, those operations are being moved to a new, undisclosed location. He also promised enhanced security to defend against any new attacks.

Sony Considers Reimbursing Credit Card Replacement Costs in Light of Data Breach [Update]

Sony Press Conference Discusses PSN Intrusion, Next Steps [Gamasutra]