For those who have been watching the PlayStation Network (PSN) outage story, it was likely only a matter of time before someone would be resorting to litigation. Well, it’s finally happened in a Northern District of California.
Note: This is an article I wrote that was published elsewhere first. It has been republished here for archival purposes
It’s the Easter Sony would likely rather forget, but the PSN outage story has just gotten worse for the company. Kristopher Johns has the distinct honour of being the first person to file a class action lawsuit against Sony. Earlier today, we reported that over 70 million (some sources say that the number is more likely to be 77 million) users probably had their accounts compromised by the “external intrusion“. While some were initially blaming Anonymous for the hack, news also surfaced that it was more likely a custom firmware that caused the issue.
While some might think this is some person suing merely because the information he had on the network was compromised, Information Week reports that the lawsuit is much more in-depth then that:
The lawsuit alleges that Sony “failed to encrypt data and establish adequate firewalls to handle a server intrusion contingency, failed to provide prompt and adequate warnings of security breaches, and unreasonably delayed in bringing the PSN service back on line.” It also accused Sony of violating the Payment Card Industry (PCI) security standard, which prohibits companies from storing cardholder data.
Some of this does go along with earlier speculation that Sony didn’t encrypt critical data such as customer credit card credentials, though this wasn’t exactly confirmed.
It’s not clear if other lawsuits will find their way through the courts as a result of this, but it wouldn’t surprise me if other forms of litigation will surface. What damages are being sought isn’t really clear at this time.
Do you think such litigation has merit?
Update: Lawsuit is available via Scribd
Drew Wilson on Twitter: @icecube85 and Google+.