Sony may have restored access to the online Playstation Network, but this story is not quite over.
Sony will now have to defend itself in a lawsuit that alleges it was because of the company’s negligence that the hacking attack happened in the first place.
Earlier this year, Sony took the Playstation Network completely offline for around a month, with some services taing even longer to restore. This was in response to a hacker or group of hackers who managed to infiltrate the service’s back end and gain access to nearly unfettered personal data of the millions of registered PSN users.
As a means of compensation for the downtime, Sony offered two downloadable PS3 games, two downloadable PSP games, and one free month of the premium Playstation Plus service to everyone who had an active PSN account before the hack.
Anyone who was paying for premium services on the PSN also received credit for the time the services were disabled.
But for Jimmy Cortorreal, Felix Cortorreal, and Jacques Daoud, that’s not quite good enough. Even though this all happened because of a third-party criminal action, the three men have filed a lawsuit against Sony over the ordeal.
They allege Sony was negligent, ignored known concerns, and fired employees who worked on Playstation security just a short time before the attack happened.
Indeed, during the whole debacle, Sony executives candidly admitted the vulnerability in its system that allowed the hackers to gain access was a “known vulnerability,” but the company just assumed no one would ever be able to exploit it.
That didn’t really work so well.
Details of the intrustion itself are still kind of muddled. It’s not clear exactly how the hackers knew about the vulnerability, which will be the bedrock to this case. The plaintiffs will need to prove that Sony did not act with reasonable care when protecting user privacy.
Sony no doubt has been gearing up for this moment since it first learned about the attack, and will prove a very formidable defendant, no doubt.