While the financial ramifications of the PlayStation Network's "external intrustion" on Sony, PlayStation developers and consumers likely won't be known for many moons, a data-security research firm and the mathematicians at Forbes have put a worst-case scenario price tag on the breach: $24 billion USD.
That gargantuan figure was derived by multiplying the number of PlayStation Network accounts (77 million) by the "cost of a data breach involving a malicious or criminal act," which according to the Ponemon Institute, averaged $318 last year. Of course, not every PSN account has current credit card data or accurate personal information attached to it, meaning the actual figure would likely be much, much less.
That said, Forbes still warns of scams that don't require access to credit card info.
Alan Paller, director of research for the SANS Institute, a security training organization, said that even if credit numbers weren't stolen, knowing someone's name, email address and which games he or she likes can lead to expertly crafted scam e-mails. Knowing billing histories can be even more harmful, since they can identify big spenders.
Regardless of the actual cost to Sony and its customers, it's certainly a massive loss in terms of trust and sales, which we may see reflected in the company's earnings over the course of the coming months and years.