Sony breach fuels legal battle

Sony has been slapped with its first class action lawsuit following the PlayStation Network (PSN) outage which has resulted in the potential theft of 77 million customers’ personal information, including credit card details.
Yesterday, Kristopher Johns, 36, of Birmingham, Alabama, filed the first class action lawsuit, on behalf of all PSN users, in the U.S. District Court for the Northern District of California.
The lawsuit alleges that Sony “failed to encrypt data and establish adequate firewalls to handle a server intrusion contingency, failed to provide prompt and adequate warnings of security breaches, and unreasonably delayed in bringing the PSN service back on line.” It also accused Sony of violating the Payment Card Industry (PCI) security standard, which prohibits companies from storing cardholder data.
The UK’s Information Commissioner’s Office is also investigating the case, as there are about 3 million reigstered users in this country. The regulator has the power to fine companies up to £500,000 for flouting the Data Protection Act.
The breach has resulted in the gaming network being closed since April 20. Sony has admitted that extensive amounts of sensitive personal data was compromised, including names, email addresses, birthdates, login data and purchase history.
The company has warned users to be aware of possible fraudulent emails, telephone calls and letters asking for further personal information and has advised users to change their PlayStation Network passwords as soon as the service is restored but has not said when that will be.

Related stories:
PlayStation hack hits credit cards
77m fear fraud in PlayStation hack
Mothercare warns of spam attack

Print Friendly