Following the disastrous attack on Sony's PlayStation Network in mid-April and the subsequent announcement by the company that personal information tied to all customers with PSN IDs (said to number above 70 million) was compromised, many account holders understandably freaked out - especially when they considered Sony had waited nearly one week to divulge as much.
Some quietly changed passwords and carefully checked credit statements for signs of foul play, while others opted to file lawsuits against Sony. A new trio of aggrieved consumers has joined the latter.
According to a legal filing uncovered by video game news and business site Gamasutra, plaintiffs Felix Cortorreal, Jimmy Cortorreal and Jacques Daoud cited one witness, an ex-Sony Online Entertainment (SOE) worker, who said "lavish" spending by SCE on the PS DevNetwork - as well as the mass lay-offs which hit SOE in March - negatively impacted customer security. Perhaps ironically, the PS DevNetwork is essentially part of the greater PSN, albeit one only accessible by game developers.
The lawsuit boasts two other provocative witnesses, both also former Sony employees. One stated that Sony technicians knowingly disregarded implementing stronger security, opting instead for ad-hoc firewalls when necessary. The other admitted that PSN had in fact been breached prior to April.
As for the argument that the SOE lay-offs played a part in the PSN breach, a Sony spokesperson told ComputerWorld that "no [SOE] security people were fired." The site also spoke with the trio's legal counsel, Stuart Davidson, who said that while the focus is on earning damages for those who've demonstrably "had their identities or personal information compromised," his firm - Robbins, Gellar, Rudman & Dowd - isn't ruling out punitive damages as well. "We are always holding [that] in our back pocket," Davidson said.
Since the April PSN attack, several others have filed complaints against Sony. Kristopher Johns of Alabama alleged several violations by the company within days of its admission that user data had been compromised. In May, a Canadian woman who admitted she was a big Sony fan and avid gamer also launched a class-action suit.
Sony, in an attempt to mollify consumer fear, offered free ID theft protection services (sign-up ends tomorrow) to those affected by the breach. The company also crafted a "Welcome Back" package - a bevy of content at no cost.
MyCE will update this post with a copy of the legal document when it's made publicly available. (via Gamasutra)
