IGN reports that Rothken Law Firm of California has filed a class-action lawsuit against Sony for its failure to "take reasonable care to protect, encrypt and secure the private and sensitive data" in the event of the PSN intrusion.
After roughly a week's worth of downtime, Sony only yesterday confirmed that it was the result of an external intrusion that was first detected between April 17th and April 19th. The company believes that the personal information of PSN users (such as names, addresses, birthdays and passwords) has been obtained. While there's no concrete evidence of such, Sony also contends that it"cannot rule out" the possibility that credit-card details have also been accessed. Many PSN users are up in arms about the fact that it took Sony so long to inform them, but Sony contends it only learned of the true severity of the breach two days ago.
"We brought this lawsuit on behalf of consumers to learn the full extent of Sony PlayStation Network data security practices and the data loss and to seek a remedy for customers. We are hopeful that Sony will take this opportunity to learn from the network vulnerabilities, provide a remedy to consumers who entrusted their sensitive data to Sony, and lead the way in data security best practices going forward," said Ira P. Rothken.
"Sony's breach of its customers' trust is staggering. Sony promised its customers that their information would be kept private. One would think that a large multinational corporation like Sony has strong protective measures in place to prevent the unauthorised disclosure of personal information, including credit card information. Apparently, Sony doesn't," said J.R. Parker, co-counsel in the case.