Sony (NYSE: SNE) is sorry for the hack into its PlayStation Network. So sorry that that it will be handing out free stuff to its users. Kazuo Hirai played the victim role very well yesterday, and you could have almost shed some tears when he announced that Sony will stand up and reanimate PSN later this week. But let's not forget who the real victim is: you. Sony will have to do much better to restore what has been damaged over the past 10 days.

When you have to bribe your users to come back and give you a break when you screwed up, you know that you are dealing with a difficult situation. Sony will sink hundreds of millions of dollars into its giveaway -- but let's be serious. Sony has not turned into a welfare organization overnight, and there is a justification for this investment just like there is a justification for everything else a company spends money on and needs to explain to its shareholders.

It's a nice way of stressing your apology. But is it really free content you want? Most of the time, when you are saying "I'm sorry," you won't have to bring a gift. and Sony surely was not obligated to compensate users who do not pay for most PSN services anyway. Seriously, for some among us, it was actually a reason to find other ways to keep us busy, which isn't necessarily a bad thing. I just think that Sony's apology was not appropriate, not entirely honest -- and not enough.

Negligence
Sony conceded during its press conference that hackers exploited a known vulnerability in its servers. Sony's IT staff apparently was not aware of this particular vulnerability, which opened the door to a hack attack via human error and negligence. There were no further details, but Sony's note suggests that this wasn't an especially sophisticated hack but could have been an opportunity of circumstance -- someone poking around and discovering this vulnerability. Of course, that does not justify the hack, and the theft of the data of 77 million people and apparently the information of 10 million credit cards remains a criminal act of epic proportions: You just don't walk into someone's house because the door is left open. However, Sony should have known that it is an attractive target and that there need to be more than reasonable safeguards to protect user data. There is no doubt in my mind that Sony's IT staff has acted in a negligent way and that the legal system will come down hard on Sony.

Timing
The press briefing was scheduled more than 10 days after Sony had learned about the hack. The only communication channel has been its PlayStation blog so far, and the information provided was, ummm … thin. Sony justified the delay with its investigation by saying that that it needed to confirm certain information. However, even after almost two weeks, Sony did not provide all the answers. For example, the company said that it has no clue what the hackers exactly did on its servers and that it has no idea what the purpose of the break-in was. It cannot say whether credit card data was actually read or not, but there is a chance that it was. I somewhat felt that Sony was a bit condescending during the press conference and almost ignored the massive scale of the problem by not informing its users. The investigation appears to be crawling along, while we would like to know more of what exactly happened. The phrasing used by Sony executives is based on would-and-could sentence structures that leave its consumers in a sea of uncertainty.

What counts
Sony appeared to very humble and apologetic, but I was unimpressed by its somewhat blurry announcement that some services will be restored this week and all of the services within a month. Let's not forget that we trusted Sony to safeguard our information and that the true victim here is the consumer, who is now inconvenienced by another system update download and the request to renew passwords into the PSN account. Sony's apology and a free download was something that you could have expected, but something that is not in line with the damage that has been done.

Will the gift restore your trust in Sony, especially if negligence enabled the hack? I haven't heard anything about how Sony will rule out negligence down the road. The much greater problem is that such negligence and vulnerabilities in general are not limited to Sony -- they are a possibility that will always exist with such services. Cloud services in general will be affected by this incident, and I'd bet the farm that many consumers will now be much more reluctant providing critical data such as credit card information for cloud services -- at least those services they don't necessarily need and services that are not established yet. I would have hoped that Sony would have been more aggressive with providing information and telling users in more detail what the company will do to prevent such attacks in future.

However, luckily, it is human nature that we tend to forget such events. A year from now, and if no other hack occurs between now and then, we won't question the security of such cloud systems anymore as we question them in the aftermath of the Sony hack.

You can leave a response or trackback from your own site.

More from ConceivablyTech:

Want to read more about Sony? Add it to My Watchlist, which will find all of our Foolish analysis on this stock.