|Across 50 countries, 7700 million of person's profile data has been breached by hacker|
Cnet reports the lawsuit was filed on behalf of Birmingham, Alabama resident Kristopher Johns in the U.S. District Court of the Northern District of California. It's seeking to be a class-action lawsuit and claims Sony did not take "reasonable care to protect, encrypt, and secure the private and sensitive data of its users." As a result, it prevented PSN users from being able "to make an informed decision as to whether to change credit card numbers, close the exposed accounts, check their credit reports, or take other mitigating actions."
Besides monetary compensation, the lawsuit is looking for free credit report monitoring -- one of the things Connecticut Senator Richard Blumenthal called for in a letter sent to SCEA president Jack Tretton yesterday.
Not only that, US Senator Richard Blumenthal has already written a letter to Sony demanding an explanation as to why Sony tarried in announcing the full scale of the compromise:
I am writing regarding a recent data breach of Sony’s PlayStation Network service. I am troubled by the failure of Sony to immediately notify affected customers of the breach and to extend adequate financial data security protections.
A breach of such a widely used service immediately raises concerns of data privacy, identity theft, and other misuse of sensitive personal and financial data, such as names, email addresses, and credit and debit card information.
I am concerned that PlayStation Network users’ personal and financial information may have been inappropriately accessed by a third party.
Compounding this concern is the troubling lack of notification from Sony about the nature of the data breach.
Although the breach occurred nearly a week ago, Sony has not notified customers of the intrusion, or provided information that is vital to allowing individuals to protect themselves from identity theft, such as informing users whether their personal or financial information may have been compromised. Nor has Sony specified how it intends to protect these consumers.
Sony’s handling of the breach may well have violated data protection laws in any number of countries, to say nothing of the lawsuits Sony can now expect, so this may be the tip of the iceberg – little wonder Sony stocks took a modest tumble after the announcement.
I hope that other companies will learn this lesson from Sony and improve their security to protect our personal data such addresses, birthdates, and credit card numbers. With this scale of leak, i really lose my faith over online transaction especially when money involves. I really hope big companies especially banking industry to improve and tighten their security asap. Everyone including me I don't want to lose all our money when there is a data breach in bank.
The history of data leaks:
2004 – Softbank – 4,500,000 (personal data)
2005 – Visa, Mastercard – 40,000,000
2006 – KDDI – 4,000,000 – AOL – 660,000
2009 – ALICO Japan – 130,000
2010 – AT&T 110,000
2011 – SONY – 77,000,000