Sony facing class-action suit over PSN breach

It's barely been a day since Sony confirmed that user data had been hacked, and already the company is the subject of a class-action lawsuit. IGN obtained court documents, filed in the district court of San Francisco on behalf of one Kristopher Johns. Among the allegations are breach of warranty, negligent data security, and violation of consumer rights to privacy, among other charges.

The suit seeks monetary compensation for the data loss, along with credit monitoring services like Senator Richard Blumenthal proposed yesterday. Since it's a class-action suit and Sony has said all user data could be compromised, the suit could potentially include anyone from the nearly 80 million registered PlayStation Network accounts.

"We brought this lawsuit on behalf of consumers to learn the full extent of Sony PlayStation Network data security practices and the data loss and to seek a remedy for consumers," said attorney Ira P. Rothken, who filed the complaint. "We are hopeful that Sony will take this opportunity to learn from the network vulnerabilities, provide a remedy to consumers who entrusted their sensitive data to Sony, and lead the way in data security best practices going forward."

The breach of trust is "staggering" according to J.R. Parker, Rothken's co-counsel on the case. "One would think that a large multinational corporation like Sony has strong protective measures in place to prevent the unauthorized disclosure of personal information, including credit card information," he said. "Apparently, Sony doesn’t."

The revelation yesterday was met with sharp criticism, particularly regarding the amount of time between Sony pulling the plug on the PlayStation Network last Wednesday, and revealing the data breach just yesterday. In response, Sony corporate communications director Patrick Seybold issued a statement explaining the gap, but we would expect Sony's week-long silence to come up in the court case regardless.