Hi all, as a fun (well more so than what I am procrastinating from) thing to do, I thought we could try to work out how much the recent attacks cost Sony. Some analysts recently said that if it cost Sony what the average data breach cost a company/person's data stolen, the total would be $24 billion. I think that is skewed by the fact that data breeches can be much mroe serious than this one.

If you disagree with any of my reasoning, feel free to constructively criticise.

Assumptions

1) The attacks have been dealt with, and the loophole fixed.

2) No court cases are likely, or at least they will be dealt with cheaply.

Both of the above are not only very likely, but also required before we can predict - they're too much of a variable cost.

The cost is broken down into

- Cost to fix the problem

- Cost of the consumer goodwill program

- Cost of loss of revenue from loss of goodwill

The cost to fix it would have been significant - they  used internal personel and hired consultants. Let's say they had a team of 100 working 9-5 every day (including weekends) for the approximately 10 days that the service was down for, then multiply this number by 1.1 to take into account that there will still be increased work as the servers come back up, just for the internal team. That is 100*8*10*1.1 = 8800 manhours. If they're paying their staff/consultants $80 an hour, on average, that'd be 0.7 million. That actually seems like I must have been lowballing it, maybe there'd have been more than 100 people working on it? How much do IT consultants get paid anyway?

"engaged multiple expert information security firms over the course of several days and conducted an extensive audit of the system. Since then, the company has implemented a variety of new security measures to provide greater protection of personal information. SNEI and its third-party experts have conducted extensive tests to verify the security strength of the PlayStation Network and Qriocity services."

"the organization has worked around the clock to bring these services back online"

Addressing the consumer goodwill, they lose

$4 Per Playstation Plus Customer due to giving them a free month. Let's guess 5 million PSplus users? = $20 million

Some extra bandwidth due to those who weren't PSplus users using extra bandwidth on PSplus services = $0.1 * 32 million = 3.2 million.

" selected PlayStation entertainment content for free download" means either they have to pay to develop some new content, miss out on revenue from existing or make a deal with a 3rd party. Lets say $0.5 million worth of additional costs plus lost revenue.

As for cost of revenue loss from loss of consumer goodwill, that's a difficult one to answer. I would say it would be as much as $10 million, spread over many many years and many different sections of Sony. What do you guys reckon? Higher? Lower? 

That all adds up to 34.4 million. Considering I've probably missed some things, they no doubt did have some lawyers preparing a defence, and they have to do all the admin to deal with it, CEOs going to interviews means they aren't working etc. Lets round it up to 40 million then.

So a far cry from the sensationalist claims of $24 billion on average. A far cry from those who claimed it could end up as bad as RROD ($1 billion). However, it would be fairly significant ~ 2.5% of the total profit Sony has made on the PS family would be eaten up by this attack.

I wouldn't be surprised if sony is forced to pay for 1 year of credit monitoring for every user affected. Plenty of other companies who lost credit data had to do this. Personally i'd rather see this than a couple of crappy token downloads.

$35.2 million is not really that bad. I think Sony will regain there trust with there fans once the service is back online and when we all get that 1-month of PS plus service free.  :)

@JWS I doubt Sony will be FORCED to do that. They have already had help with the US congress with the issue and from what i have read and heard they are not being forced to monitor people being affected.

"$4 Per Playstation Plus Customer due to giving them a free month. Let's guess 5 million PSplus users? = $20 million"

PSN plus free month is for all user, or not? 

from Joystiq

...Because the freebie content will be different by region, Sony was hesitant to put a price on it, but Hirai estimated "a few thousand yen" worth of free downloads. So like $20-25 or so?

In response to a question about install base, Hirai said 37 million PS3 systems are connected to PSN, and 16 million PSP units, but the total install base is larger. Sony isn't disclosing the userbase for Qriocity yet....

http://www.joystiq.com/2011/05/01/psn-outage-plus-qriocity-free/

"a few thousand yen" is good but i think this content will be from Sony, so the cost for them will be little cost

The reason the $4 was only applied to 5 million users was because, if you don't already have PSNplus, then you being given it for free doesn't take any revenue from Sony - there was no revenue from you to begin with. The next line covers the fact that those who do not have PSN will be thus using more bandwidth as a result of getting 1 month of free PSNplus. However, the total number of PSN users is 37 million, as you say. So I probably need to edit down that number.

Edit - and even if the game is from Sony, it can still be a big loss. Lets say that they have a game that they were going to be selling for $10, and they were expecting to sell 50k copies. That is neither a high price nor a great figure for sales. Now instead of selling that game and getting $0.5 million revenue, with expenses of x, they instead get $0 revenue and expenses of x. They still lose $0.5 million and I stand by that figure.

Pretty good calculations, though I think that $4 PSN Plus should be added to the 77 mil accounts, or at leat the ~35 mil master accounts.  Anyway, I think some lawyers are going to try and get something out of this, don't they always.  That means Sony will have to lawyer up.  And Sony MAY have to pay for credit monitoring like JWS said.  Then you have the cost of the new security measures and staff involved.  The new building they built to house their network.  And the cost of giving away free games/movies in the customer appreciation program. 

So, my guess would be it may approach a few $100 mil, MAYBE getting close to $1 bil, but will be NOWHERE near that BS claim of $24 billion.

I wonder how many people will stick with PSN after trying it for a month?