Sony laid off security staff prior to PSN data breach, claims lawsuit

Proposed class action suit alleges that electronics giant gave pink slips to employees in network security division two weeks before hacker attack; knew customer data was at risk.

The PlayStation Network may be up and running again after April's massive security breach and the subsequent month-long outage, but the incident is leaving some longer-term reminders for Sony. For instance, the company is now dealing with a handful of lawsuits over the breach, including one filed this week alleging that Sony laid off network security staff just weeks before the breach and ignored previous smaller-scale hackings that demonstrated security holes.

The PSN is back up, but the story's not over yet.

The complaint accuses Sony of negligence, breach of contract, breach of fiduciary duty, and violating the federal Electronic Communications Privacy Act by not properly securing customer information. To help make its case, the suit cites a half-dozen former Sony Computer Entertainment America and Sony Online Entertainment employees as confidential witnesses, many of whom were employed with their respective companies until March of this year.

The confidential witnesses attest that Sony kept vastly different security standards for its own information and that of its customers, using out-of-date software, substandard encryption processes, and no firewalls when it came to customers' data. Additionally, the suit points out that Sony was warned in early April by hacking group Anonymous that it had become a target for cyber attacks, and it notes that in late March, "a substantial percentage" of Sony Online Entertainment's Network Operations Center, the group responsible for preparing for and responding to security breaches, had been dismissed in a round of layoffs. (SOE customer information was also compromised around the time of the PSN hack.) As for previous hacks, the suit notes widespread hacking of Modern Warfare 2 made the game "unplayable online" in January, and it refers to unspecified reports in May 2009 that unauthorized copies of customers' credit cards were emailed to an outside account.

The suit is being brought by a trio of Sony customers, two of whom were PSN members at the time of the massive security breach. The third plaintiff was a member of Sony Pictures' website and had his personal information made public when the site was hacked earlier this month by LulzSec. They are attempting to get class action status for the suit, so that it may cover all US users of PSN and Sony Pictures' site at the time they were hacked. The group is seeking monetary damages with interest, attorneys' fees, and appropriate credit monitoring services for all members of the class. Sony has already launched a program to provide affected PSN users with 12 months of complimentary credit monitoring.

Written By

Want the latest news about PlayStation Portable?

PlayStation Portable

PlayStation Portable

Follow

Discussion

329 comments
mclebron23
mclebron23

@warhawk-geeby...dont need a web browser since i have a lap top, dont need a bigger hard drive since my ps3 is 60gb which i more than plenty for me (my 20 gig 360 hard drive has lasted me for 4 years). Net flix and that music thing sony has is not free. You still have to pay monthly for netflix. so the free on demand services is false. You can make multiple accounts for free on 360 too, you just cant play online. If you're talking about making multiple accounts on ps3 to play online, i really dont see a point in that. All i need is 1 account and that for me. The only thing you said that i dont have an answer for is blue ray and thats not "everything" like the other kid said ps3 had. The things i mentioned 360 had over ps3 is a lot more annoying to a gamer then the pointless things you said. BTW, i'm definitely not against ps3 at all. I love it especially for the exclusives, but when it comes to online, especially FPS games because of the controller, 360 wins easy. Also I just bought MK for ps3 like a week ago and i played against the same kind of kids i play on 360 and that goes for annoying little kids, and especially losers that play the game 24/7 doing 20 hit combos. Also theres a ton of annoying little kids that play like boxes on uncharted 2.

RX-78MajiGundam
RX-78MajiGundam

does anyone have any sympathy for the employees whos lives are ruined because of a selfish hack group.

HappyBB
HappyBB

Good! Sony deserves all these suits. This will teach you not to mess with gamers' freedom of speech and expression. I hope this will serve a very good example to all the corporate. May all the plaintiffs win their suits against Sony!

terrascythe
terrascythe

Yes, the admin codes were leaked to the so called anonymous hackers by a Nor Cal Sony employee who was laid off in early 2011. Old news... Everyone knows Sony shares some of the blame, trust me, several heads rolled, dozens and dozens of Sony employees lost their jobs after the hack. Keep in mind this was dubbed by the hackers as "OP-SONY" and the target was Sony execs and game developers. It's true that game developers have PSN accounts, hence Bethesda, BioWare, EA, SEGA, and all the major studios are being hacked right now (as well as Sony). The operation is simple than take down Sony, it's taking down the internet, and taxing you for playing online for 8 hours straight. In every country, over a million dollars a month is spent lobbying your regional politicians to tax online gaming! The class action lawsuit is a knee jerk reaction, "I blame Sony now give me free stuff with interest" attitude. We should be filing suit against the politicians and FCC commissioners for accepting these moneys. More importantly, we need to take local action and end the international cybersecurity initiative. I'll sum it up this way, do you want to play COD online through the PSN or the GSN (Government cyberSecure Network)? If you answered GSN, please thumb scan now.

raptures330
raptures330

[This message was deleted at the request of the original poster]

Phatjam98
Phatjam98

[This message was deleted at the request of a moderator or administrator]

Mondrath
Mondrath

@Neil_Clancy What????!!!!!!!! Where on earth have you been for the last year or two? Locked in a dark, dank room, kept away from modern tech? HELLO!!! LED TV.......Sony, samsung, LG, Toshiba and many others produce them. All 3D TVs are LED (and buy 3D tv I mean te ones that come with digital glasses when you buy them, not old 3D movies with cardboard green and red glasses). Google it mate.

warhawk-geeby
warhawk-geeby

Skyrim's out soon-ish.. let's just rejoice :P

Ballen04
Ballen04

People do realise that the people sony laid off were likely part of the cause of the attack whether it be directly or indirectly. In no way would sony benefit from this sort of attack (obviously) so its not like they have purposely cut corners on their security. There will always be hackers who will eventually find a way past any firewall, its unavoidable. Sony have millions of loyal customers and the last thing they want is to lose them so to say they arent doing a good enough job is like complaining your pizza got delivered late on a busy rainy night....just deal with the fact there are things that just cant be helped at the worst of times. If this had happened to microsoft then it would be the exact same arguement in reverse, and lets not forget miscrosoft have just as much blood on their hands as sony when it comes to security failures. Sony have helped make up for the problems with the welcome back program, as well as insuring account holders against any money losses if they have been compromised, and now they have improved their security even further by learning from their mistakes. Enough said, now lets all get back to gaming.

DiscGuru101
DiscGuru101

So disloyalty and double standards breeds weakness in the cooperate world too.

Senopui
Senopui

@anthonycg Haha, true that especially considering the blaster worm that infected every PC with windows 2000(including XP, 2003 server, and NT) were infected yet 95, 98, and ME were left unharmed due to their old ways of handing RPC. Talk about irony :P.

rasterror
rasterror

It's like your landlord selling the locks to your place. Sure nobody is supposed to break but jeopardizing the people who they make money off of security to save a quick isn't worth it. At least they protected themselves.....right?

raptures330
raptures330

[This message was deleted at the request of a moderator or administrator]

Armedoverlord
Armedoverlord

@acasero44, ya no sh** if i hear another excuse like, PS3s have saved lives! I will blow my brains out, here is some new for you sony fan boys, claim that thats fine, but the PC has saved millions more lives, which guess what thats right, Microsoft haha.

Phatjam98
Phatjam98

[This message was deleted at the request of a moderator or administrator]

Phatjam98
Phatjam98

@raptures330 Yes the DVD format was released in Japan in Nov. 96.... then in US in March 97. Oh my god, shame on me for such a huge gap LOL. Way to nit-pick. And no, people in 3rd world countries do not give a crap about BR. They worry about if they have AIDS, if they will eat, how they will survive the summer or winter. I have lived all over the world as a military child and I've seen how other poorer countries live. They do not care one bit about BR. Get a grip sparky. Hell no I do not nore will I ever own a PS3. It is over priced as I have stated and the game library is at least 2 years behind the 360. The Exclusives do not interest me enough to pay for the PS3 in a time when work is scarce and I already have a game system that is more than adequate.

ArabrockermanX
ArabrockermanX

@WolfGrey Sony has provided no evidence showing any of this to be false or even unlikely.

acasero44
acasero44

[This message was deleted at the request of a moderator or administrator]

blancobo
blancobo

The BIG guy with the MONEY is target for the class action law suits... this is the GOLDEN rule.

Angel_Belial
Angel_Belial

I don't even know why a huge and respected company like Sony would take the risk with customers' data like that. It's going to cost them a lot more money in lawsuits in the long run. There is no excuse for this breach in this day and age - it makes them seem backward.

Nano1124
Nano1124

Worst thing you can do to a hacker/gamer is... cut all his/her fingers off.

raptures330
raptures330

"The hacking group LulzSec has put an end to their cyber crime spree." "The statement posted on their website confirmed that their motivation for the attacks was self-amusement." "LulzSec claimed responsibility for stealing the account information of over 77 million members of Sony's PlayStation Network." No More Lulz

KevinnButlerNPK
KevinnButlerNPK

I guess we can finally solve the mystery as to why the Sony fanboys have been posting daily 'why do you pay for XBL' threads in SW....To smokescreen the continued idiocy of Sony's IT department

ebookerd1
ebookerd1

Burn-em maybe they should have let go some stupid execs that crapped on the customers.

Triton
Triton

Maybe they will rehire some folks to work on the download speeds for the Welcome back program. Man that is crazy slow ...

lingw0
lingw0

Ps3 or xbox360..everyone has their favorite..nerds will always argue about this. lets just all be greatful that we didn't go for the wii :)

King_Jeremy_77
King_Jeremy_77

Done and over with, Sony f'd up and now they're fixing the problem and i still love my PS3.

volcomstoner180
volcomstoner180

well thats what you get...but im over this hacking stuff hopefully we wont see anymore of it

Rand401
Rand401

People need to get over it and move on. I'll still use my PS3 and my xbox360.

pokecharm
pokecharm

my goodness, this story is just getting more troubling!

SkamArtist
SkamArtist

@ everyone talking about Blu ray and DVD Sony did develop the technology for Blu ray (with the help of Pioneer). This is from an article in PCWorld on Oct 5th 2000. " Sony and Pioneer unveiled at the CEATEC electronics show here this week a prototype optical disc video recorder that utilizes a state-of-the-art blue laser." Full Article: http://tinyurl.com/cevozb

watchawant
watchawant

No one has actually had any fraudulent transactions made on their accounts though, including these people...at least last I heard. So how can they really justify monetary damages? Credit monitoring is all they are really entitled to, and Sony is already offering that. Maybe Sony WAS a little lax about it all, but people just want quick money. P.S. - are you guys really arguing about the development of DVD and Blue Ray technology? No one cares. Stop taking up comment space.

raptures330
raptures330

@Phatjam98 You said Sony was the sole owner of BR. They are not. You used that lie to further your argument. You, arrogantly, told someone to do their research after you had just made a huge mistake for not doing the same. PS 1996 was DVD release in Japan. 1997-1998 was USA and EU. So, once again, you need to practice what you preach. Picking and twisting things to further your arguments always comes back to haunt you. Do people in 3rd world countries care about BR? Of course. People in all countries like to be entertained and there are people with money everywhere. That is just ignorant of you. Also noticed you never answered my question: You have never owned a PS3. Amusing. Makes me wonder why you are in here writing out these essays. You are getting confused on who said what. Where I lived in 2000 was great. I noticed you missed the point of that paragraph though. Standalone DVD players were expensive but people still bought the PS2 because it included DVD playback. Way to pick out what you want. So, at the end of the day: What point are you trying to make?

warhawk-geeby
warhawk-geeby

@mclebron23 No, but it does have web browser, changeable hard-drives, free on-demand services, the ability to create multiple accounts (for free) and also Blu-Ray. I'm not saying you're a fanboy, but you're clearly against the console even if you do own one. Oh. And another thing.. The Playstation community seemingly consists of far fewer annoying 12 year old Americans. Now that's a bonus to any console!

warhawk-geeby
warhawk-geeby

Is it just me that really doesn't give a crap anymore? Sony got hacked. End of. The thought of people having my perosnal information doesn't really bother me to be honest. Lots of companies have my info already, the only difference is these guys gained it illegally. If anything strange happens to my account I'll close it and open a new one. It doesn't take a genius.. Problem solved, quit moaning.

Phatjam98
Phatjam98

@rayjapan So your argument is that Developers(I worked with a Dev back in 2000) who are artists, hold themselves back because 9GB is not enough space? You then must think that games such as Oblivion, Gears of War, Red Dead Redemption, Mass Effect, and so many other amazing and beautiful games were held back and cut short because they fit on a single disk? The sarcastic comment was made because up until recently Developers have not had a need for the space that BR provides. Sure there have been some games here and there like JRPG's of the past. Recently as I mentioned there have been a couple more games come out that require more space than a single DVD namely Dead Space 2, LA Noire, and Mass Effect 2. But we are 6 years into this Gen. as the 360 hit Nov. 05. The games are generally of the same quality on the PS3 and 360 yet the PS3 hit 1 year later in 06. So we are 4.5 years into the PS3 lifecycle. That is my point. Developers do not tend to hold themselves back. They push everything they can. So why are their not more games that take advantage of the BR capacity? Its because it is still, in most cases, overkill. 25-50GB is a ton of space too be sure, the technology is great. However, Sony's insistence on putting it into the PS3 had nothing to do with Games plain and simple.

Phatjam98
Phatjam98

@raptures330 I did do my research. BlueRay was developed by Sony, it was 2 separate technologies before it was consolidated into the BlueRay we know today. Sony was the first manufacturer of the BlueRay players. Sony was the first member of the BlueRay Disc Association. Why are you bringing up first world countries? Do you think 2nd and 3rd world countries care about BlueRay? Really? DVD came around in 1996. By 2000 it was already strongly competing against VHS and by 2003 it had completely surpassed VHS. PS2 was released in March of 2000. Their was no huge boost of the DVD format sales because of the PS2. In 2000 when the PS2 came out it was in such rare supply that it was selling for double to triple retail which made it impossibly more expensive than a stand alone DVD player. And I called the kid a pirate because he was talking about ripping BR movies to his PS3. That is fine if he isn't a pirate, but if BR is so wonderful, I do not understand why he would rip it to his HDD. I'm not sure where you lived in 2000 where you couldn't find an affordable DVD player, but it must suck there. And in my neck of the woods(Las Vegas) only those making upwards of 80K per year are spending money on a BlueRay library. The rest of us at that 65k level are enjoying Netflix and our moderate 42" Plasma where the movies look just great. ;)

itchyflop
itchyflop

@antonisbob hahahahahahahahaha!!! :) awesome!!

itchyflop
itchyflop

from a company that promotes pride in quality products and being the TOP brand i was going to say i was surprised at this but this day and age im not at all. Its the little people that suffer, they're a company out to make money just like everyone else!!!

shnapoodle
shnapoodle

Can't they just let this crap die...? I've had enough of this nonsense. The hack could've happen to anyone. I bet if this happened to Xbox ppl would go into mourning. The strange thing is that this comes out long after the actual Outage. Seems like a story someone can't let die... >.>

AceCometh
AceCometh

If Sony didn't believe in karma before, I bet they do now.

Nerkcon
Nerkcon

Sony not only has outdated security but they purposefully called out a threat from hackers, took no measures in extra protections from the attack AND laid off people from their security team right before the attack? This is not believable to me.

Kalliokoski
Kalliokoski

@antonisbob Don't worry bro, I know, I know bro.

rayjapan
rayjapan

@Phatjam98 It is somewhat incorrect to say "I see, so there must be hundreds of games that require BR or multiple DVD than? Oh no?". The reason is that game developers know right from the beginning how much space they have to work with. And they also know that you can't take a game and cut it in half and put it on two discs; it has to be split in a way to minimize disc swaps (imagine in an RPG if you had to swap disc every time you walked between two rooms). So, you're argument is kind of like a chicken-egg argument. Yes, there aren't many multiple-disc games, but that could be because game publishers know how much they have to work with and aim to get it under a disc. If your game takes 1 disc + 10%, then cut the 10% rather than make it a two disc game or try to add 90% of a disc of data. And I'm with raptures330 -- my first DVD player was a PS2 also. My first BluRay player is a PS3...

raptures330
raptures330

@Phatjam98 Sony does not own Blu-Ray. It is owned by many companies, just like DVD. They are but one of the players with their finger in that specific pie. I am pretty sure there are over 10 companies involved in it. "Do some research" Don't get ahead of yourself with "streaming" either. There is one major factor that will even cripple that in first world countries. Download data cap. Also the line speeds and prices are vastly different in different countries. When talking about BR movies you seem to only take into account the video. How about the audio? There is also a very big difference there too. Actually a lot of people did get the PS2 because it could play DVDs. It helped people decide to pick that one. Thanks to that over 150 million DVD players entered homes worldwide. Maybe for your country DVD players were common and affordable in 2000. The format had barely been out a couple of years by then and everywhere I looked it was pretty expensive. Where I lived at the time only people that were pretty well off were buying standalone DVD players but lots of kids were convincing parents that for christmas they could get the new videogame player that also worked as a DVD player. It worked. My first DVD player was a PS2. Your insults only serve to weaken your arguments. PS You install games on the PS3 to play them. That takes up space. Don't call people pirates just because. You never owned a PS3, did you? I even install them on the 360 to speed up load times.

lordmagusIII
lordmagusIII

the cia got hacked. sony maybe didn't have proper security. the cia did. there was no stopping these hackers until after the fact.

antonisbob
antonisbob

[This message was deleted at the request of a moderator or administrator]