Sony is being hit with a class action suit in the wake of the recent PlayStation Network outage that was caused by a hacking attack.
Hackers broke into Sony's PlayStation Network last week, swiping user information and possibly credit card numbers. The lawsuit, filed by Novato, Calif.-based Rothken Law Firm on behalf of Kristopher Johns, says Sony did not do all it could to both prevent the intrusion into its systems and inform subscribers of its occurrence.
According to the lawsuit, Sony failed to maintain adequate security over user information, which made them unable to prevent hackers from getting in and stealing user names and passwords, which ultimately lead to account information.
This breach of security was caused by Sony's negligence in data security, including its failure to maintain a proper firewall and computer security system, failure to properly encrypt data, its unauthorized storage and retention of data, its violation of Payment Card Industry Data Standard(s) and rules and regulations it was bound to obey for the benefit of consumers, the lawsuit says.
The lawsuit also claims that Sony failed to inform its customers of the breach in a timely fashion. This has caused significant damages, the lawsuit says, because it left customers unable to change their credit card information, check credit reports, and, in general, monitor any credit cards potentially affected by the breach. Sony says that it first detected the problem on April 21, but did not reveal the full scope of what had happened until April 27 in the U.S., a week later.
The plaintiffs seek damages to compensate themselves and the Class for their loss (both temporary and permanent) of use of their PlayStation consoles and the PlayStation Network and Qriocity services, and their time and effort spent attempting to protect their privacy, identities, and financial information, the suit says.
Full text of the lawsuit is here.