A new lawsuit alleges that Sony fired workers in its network security operations two weeks before a cyberattack brought down the PlayStation Network.
Additionally, the suit charges that Sony paid millions to secure sensitive information online – its own corporate secrets. Customer data didn’t receive the same level of treatment, says the suit, which seeks class action status.
PlayStation Network was entirely dark for 23 days, from late April to early May, following a crippling cyber attack that exposed millions of customers’ private information to hackers. Credit card information is believed to be among the data lost, though that hasn’t been confirmed. Sony has offered its account holders free identity theft protection, among other considerations for returning customers.
This complaint, filed in federal court in San Diego on Monday, says Sony dismissed “a substantial percentage” of the Sony Online Entertainment workforce, including many from its network operations. The suit cites a confidential witness as the source of that information. The suit says Sony should have known it was it increased risk of attack because it had experienced smaller breaches in the run-up to the April 20 outage.
In late April, Sony laid off 205 SOE employees, calling it “a strategic decision to reduce costs and streamline its global workforce”. SOE’s Denver, Seattle and Tucson offices were closed as a result. No mention was made of network operations in the company’s statement at the time.
Kotaku has contacted Sony Computer Entertainment America for a response.
The case is Cotorreal et al v Sony Corporation Inc et al, 11-1369.
Sony Laid Off employees Before Data Breach—Lawsuit [Reuters]
Leave a Reply