The PlayStation Network Outage
Seventy-seven million accounts and a 23-day global outage made the 2011 PSN breach the moment console gaming discovered it was a data-custody business.
In late April 2011, Sony took the PlayStation Network offline. The explanation, when it came, was severe: an intruder had accessed the personal data of approximately seventy-seven million accounts — names, addresses, dates of birth, login credentials, and possibly payment card details. A separate compromise of Sony Online Entertainment added roughly twenty-five million more.
Twenty-three days dark
What turned the PSN breach into a defining incident was the outage. The network stayed down for twenty-three days. Millions of consoles that had been sold partly on the promise of online play became, for the better part of a month, offline machines. Sony's communications were criticized at the time as slow and incomplete; the gap between detecting the intrusion and fully informing users became a case study in breach disclosure.
The financial and regulatory aftermath ran for years. Sony estimated direct costs in the range of $170 million. The UK Information Commissioner's Office levied a £250,000 penalty for inadequate security. Class actions followed in multiple jurisdictions.
A cultural turning point
The breach landed at the moment online console ecosystems were becoming the industry's economic center of gravity. It forced publishers and platform holders to internalize that a game network is, structurally, a payments and identity platform with the security obligations that implies — not merely an entertainment service.
What the chronicle remembers
PSN 2011 is the incident that made console gaming grow up about data custody. The dollar figure was large, but the durable lesson was the outage: in a connected-platform business, the breach and the business-continuity failure are the same event.