• Home
  • Latest
  • Fortune 500
  • Finance
  • Tech
  • Leadership
  • Lifestyle
  • Rankings
  • Multimedia

Trendingnow

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

Mark Zuckerberg feeds his cows macadamia nuts and beer to create the 'highest-quality beef in the world' on his $300 million estate in Hawaii

3

Today, Emily Blunt is worth $80 million thanks to her Hollywood career—but she actually wanted to be a UN Spanish translator on $80K

1

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch

2

Mark Zuckerberg feeds his cows macadamia nuts and beer to create the 'highest-quality beef in the world' on his $300 million estate in Hawaii

3

Today, Emily Blunt is worth $80 million thanks to her Hollywood career—but she actually wanted to be a UN Spanish translator on $80K

Why Sony didn’t learn from its 2011 hack

By
John Gaudiosi
John Gaudiosi
Down Arrow Button Icon
By
John Gaudiosi
John Gaudiosi
Down Arrow Button Icon
December 24, 2014, 1:22 PM ET
Sony Computer Entertainment CEO Kazuo Hirai 2011
Kazuo Hirai, then-CEO of Sony Computer Entertainment, pauses during a news conference in May 2011. Hirai is now CEO of Sony Corp.Photograph by Tomohiro Ohsumi — Bloomberg/Getty Images
Add Fortune on Google for similar content.

Long before Sony Pictures Entertainment revealed in November that it had been hacked by a group calling itself the Guardians of Peace, another division of Sony was attacked by cyber attackers.

Between April and May 2011, Sony Computer Entertainment’s online gaming service, PlayStation Network, and its streaming media service, Qriocity—plus Sony Online Entertainment, the company’s in-house game developer and publisher—were hacked by LulzSec, a splinter group of Anonymous, the hacker collective.

The online services were shut down between April 20 and May 15 as Sony attempted to secure the breach, which put the sensitive personal data for over 100 million customers at risk. The chief executive of Sony Computer Entertainment America at the time, Kazuo Hirai, wrote the following on the PlayStation blog:

We are taking a number of steps to prevent future breaches, including enhanced levels of data protection and encryption; enhanced ability to detect software intrusions, unauthorized access and unusual activity patterns; additional firewalls; establishment of a new data center in an undisclosed location with increased security; and the naming of a new Chief Information Security Officer (CISO).

Hirai is now president and CEO of Sony.

Philip Reitinger was appointed CISO of Sony Corporation America in September 2011, shortly after that year’s breach. This September, he left Sony to start his own security consulting business, VisionSpear. John Scimone replaced him.

Globally, Sony has more than 140,000 employees and more than 100 subsidiaries. “Not only did Reitinger have his hands full,” says Gary S. Miliefsky, CEO of cyber security firm SnoopWall, “but some people say that his team could not manage all the corporate network ‘touch points.’ So there was no centralization of security events information management.” Reitinger’s departure this year also created a security leadership gap at Sony when the company needed it most, Miliefsky adds.

Sony Computer Entertainment and Sony Pictures Entertainment declined to comment.

Sony (SNE) learned a lot of painful lessons from the 2011 breach, says Lewis Ward, research director for gaming at the market research firm IDC. The company reported a hard cost of $171 million, but Ward estimates that the hack ended up costing Sony more than $250 million through the end of 2012 as it worked to clean up the mess and reinforce its defenses. “On the gaming side, nothing like the PlayStation Network attack had happened before, or has happened since,” he says. “It was unprecedented in gaming.”

Sony and Microsoft (MSFT) have experienced smaller breaches of their online gaming networks since 2011, including another PlayStation Network attack in October 2011 and a PlayStation Store attack earlier this month. But the April 2011 attack stands alone for its size and scope.

That’s because the PlayStation Network suffered multiple kinds of attacks, Miliefsky says. One was a classic data breach—the release of otherwise secure information. The second was a distributed denial-of-service attack, or DDoS, that left the network inaccessible to gamers. Sony has since improved its stance against both attack types—for example, it’s now a strong partner of Amazon Web Services, the dominant cloud computing player, improving its odds against a DDoS—and Hirai has improved collaboration across Sony’s many divisions since taking the company’s top job.

But there’s one major factor that prevented Sony from better using those 2011 lessons in 2014: organizational structure. The company has long had a reputation for operating in silos, says Michael Pachter, a video game analyst at Wedbush Securities, and no silo is more isolated than Sony Pictures Entertainment. “It’s the [Sony] movie guys who don’t talk to anybody,” Pachter says. “They learned nothing from the PlayStation Network breach. I don’t know the movie guys, but the game people have been very friendly and open-minded and would love to work with the Sony movie guys.”

This type of corporate structure is hardly limited to Sony, but it helps explain why such a challenging period in 2011 didn’t better prepare the company to avoid a similar scenario in 2014. “Most organizations are in silos,” says Tim Eades, CEO of the security company vArmour. “They need better sharing and collaboration solution in security between their divisions and their supply chain. If Sony had that, it would have been stronger.”

The problem? Sony didn’t address its organizational issues fast enough after the 2011 hack, Miliesky says. “From that moment on, their CIO should have implemented corporate-wide protection measures and beefed up info-sec training for employees that would be standardized across the organization,” he says. “The tools and techniques they decided to use to protect the public-facing PlayStation Network was a reactive approach—’We were attacked at point X by Y, so let’s defend point X with tools to stop successful exploitation by these kinds of Y attacks.’ It was completely reactive, not proactive.”

It’s a particularly knotty issue for a company as large as Sony. “The attack surface that Sony has is vast and requires significant investment and, unfortunately, time to deploy,” Eades says.

The email correspondence that leaked in the wake of the recent hack showed that Sony Pictures Entertainment may have been operating without adequate protection against phishing attacks, remote-access Trojans, password management policies, proper use of encryption, data storage, and backups, Miliesky says.

“Ultimately, SPE was wide open,” Miliesky says. “They probably had a firewall and antivirus and told their CISO ‘everything is safe and secure over here,” if that conversation even happened. A proper inventory control, vulnerability assessment, and employee training at SPE would have revealed much to the CISO.”

Sony has improved its internal coordination, thanks to both Hirai’s leadership and the return of Andrew House as president and Group CEO of Sony Computer Entertainment, Pachter says. For example, Sony Pictures Television is currently filming the original live action television series, Powers, for the PlayStation Network. But the budding synergy between divisions wasn’t enough to stop the most recent cyber attack against Sony, says P.J. McNealy, CEO of the market research firm Digital World Research.

In 2011, Sony Computer Entertainment worked hard to win back the trust of its gaming customers, and today it leads both Microsoft and Nintendo in the gaming console market with its PlayStation 4. “Consumers are quick to forgive on this front because at the end of the day it’s an entertainment product,” McNealy says. “I was surprised at how quickly the user numbers spiked back after the patch was fixed and the network went back online [in May 2011]. Consumers are accepting that this is the new world we live in, where hacks take place.”

Experts agree that while Sony’s reputation is suffering in the wake of the most recent attack, it is hardly the only company at risk from such issues.

“Can any corporation really firewall itself to be invulnerable to attacks today?” McNealy asked. “We’ve now seen hackers breach major corporations and major retailers. Everyone’s a target for hackers. There’s been a real shift in the hacking community from unleashing viruses through emails on select holidays to attract headlines 10 years ago, to trying to grab personal data and information.”

Joseph Demarest, assistant director of the cyber division of the Federal Bureau of Investigation, earlier this month declared to members of Congress that 90% of businesses could not have stopped the Sony Pictures Entertainment attack.

“I agree with that number,” Miliefsky says. “But the real issue is today’s security posture and employee training. The biggest weakness at Sony Pictures Entertainment was the employees. If you can’t train them to behave better, then what can you expect but another successful breach?”

About the Author
By John Gaudiosi
See full bioRight Arrow Button Icon
Add Fortune on Google for similar content.

Latest in

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025

Most Popular

Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Finance
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam
By Fortune Editors
October 20, 2025
Fortune Secondary Logo
Rankings
  • 100 Best Companies
  • Fortune 500
  • Global 500
  • Fortune 500 Europe
  • Most Powerful Women
  • World's Most Admired Companies
  • See All Rankings
  • Lists Calendar
Sections
  • Finance
  • Fortune Crypto
  • Features
  • Leadership
  • Health
  • Commentary
  • Success
  • Retail
  • Mpw
  • Tech
  • Lifestyle
  • CEO Initiative
  • Asia
  • Politics
  • Conferences
  • Europe
  • Newsletters
  • Personal Finance
  • Environment
  • Magazine
  • Education
Customer Support
  • Frequently Asked Questions
  • Customer Service Portal
  • Privacy Policy
  • Terms Of Use
  • Single Issues For Purchase
  • International Print
Commercial Services
  • Advertising
  • Fortune Brand Studio
  • Fortune Analytics
  • Fortune Conferences
  • Business Development
  • Group Subscriptions
About Us
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • About Us
  • Press Center
  • Work At Fortune
  • Terms And Conditions
  • Site Map
  • Facebook icon
  • Twitter icon
  • LinkedIn icon
  • Instagram icon
  • Pinterest icon

Latest in

z
AIdisruption
Meet the Zillennials: The luckiest micro-generation in the workforce, born between 1993 and 1998
By Nick LichtenbergJuly 3, 2026
1 hour ago
$25 billion CEO says one-hour interviews are a waste of time—he puts candidates through six hours of tests and wants them to order wine at lunch
SuccessThe Interview Playbook
$25 billion CEO says one-hour interviews are a waste of time—he puts candidates through six hours of tests and wants them to order wine at lunch
By Orianna Rosa RoyleJuly 3, 2026
2 hours ago
Most cancer philanthropy funds research. This winery cofounder is paying for the caregivers and chair lifts families can’t afford
Successphilanthropy
Most cancer philanthropy funds research. This winery cofounder is paying for the caregivers and chair lifts families can’t afford
By Sydney LakeJuly 3, 2026
2 hours ago
Mortgage rates today, July 3, 2026
Personal Financemortgages
Mortgage rates today, July 3, 2026
By Glen Luke FlanaganJuly 3, 2026
2 hours ago
Current refi mortgage rates report for July 3, 2026
Personal FinanceReal Estate
Current refi mortgage rates report for July 3, 2026
By Glen Luke FlanaganJuly 3, 2026
2 hours ago
Current ARM mortgage rates report for July 3, 2026
Personal FinanceReal Estate
Current ARM mortgage rates report for July 3, 2026
By Glen Luke FlanaganJuly 3, 2026
2 hours ago

Most Popular

As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
Big Tech
As Big Tech showers employees with perks to win the talent war, Nvidia built a nearly $5 trillion company by making people pay for their own lunch
By Marco Quiroz-GutierrezJuly 1, 2026
2 days ago
Mark Zuckerberg feeds his cows macadamia nuts and beer to create the 'highest-quality beef in the world' on his $300 million estate in Hawaii
Success
Mark Zuckerberg feeds his cows macadamia nuts and beer to create the 'highest-quality beef in the world' on his $300 million estate in Hawaii
By Sasha RogelbergJuly 2, 2026
16 hours ago
Today, Emily Blunt is worth $80 million thanks to her Hollywood career—but she actually wanted to be a UN Spanish translator on $80K
Success
Today, Emily Blunt is worth $80 million thanks to her Hollywood career—but she actually wanted to be a UN Spanish translator on $80K
By Orianna Rosa RoyleJuly 2, 2026
1 day ago
Americans are escaping the U.S. for New Zealand where house prices have hit a new low—but only wealthy Americans with $3 million spare can invest
Success
Americans are escaping the U.S. for New Zealand where house prices have hit a new low—but only wealthy Americans with $3 million spare can invest
By Emma BurleighJuly 2, 2026
17 hours ago
Current price of oil as of July 2, 2026
Personal Finance
Current price of oil as of July 2, 2026
By Joseph HostetlerJuly 2, 2026
19 hours ago
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
Success
MacKenzie Scott alone accounted for one-third of America's $19.2 billion in megagifts last year
By Sydney LakeJune 25, 2026
8 days ago

© 2026 Fortune Media IP Limited. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | CA Notice at Collection and Privacy Notice | Do Not Sell/Share My Personal Information
FORTUNE is a trademark of Fortune Media IP Limited, registered in the U.S. and other countries. FORTUNE may receive compensation for some links to products and services on this website. Offers may be subject to change without notice.