A gentleman from Birmingham, Alabama has put in the first legal claim against Sony via the U.S. District Court for the Northern District of California. He is hoping his case will be awarded Class Action status so that the complaints of other consumers will be added to its weight.
Kristopher Johns is claiming that Sony did not take “reasonable care to protect, encrypt, and secure the private and sensitive data of its users.” He states that because Sony didn’t warn consumers sooner, they might suffer greater financial damage because they weren’t given the opportunity to make their own decision about closing accounts and cancelling cards.
Johns is claiming for monetary compensation as well as free credit card status monitoring. If his case is awarded Class Action Status it could potentially mean a rather large group of consumers, although undoubtedly substantially fewer than the 75 million accounts, are entitled to join the case and benefit from any future entitlements it yields.
In a country with such a widespread culture of litigation, it’s hardly surprising that it hasn’t taken too long for the first lawsuit to be filed. We wouldn’t be surprised to see similar suits in Europe fairly soon either.
Source: CNet
skibadee
http://www.thesixthaxis.com/2011/04/27/sony-tc-no-liability-for-data-loss/
TURRICAN-808
Isn’t the lawsuit about SONY failing to adhere to standards setup to protect consumers data?
i.e. a good firewall?
skibadee
http://spong.com/feature/10110323/Opinion-PlayStation-Network-the-Credit-Card-Theft-Storm
TURRICAN-808
Having read your links, i’m now confused as to what angle the plaintiffs are coming from, anger?
skibadee
I feel it is a anger thing for now TURRICAN808. here is a bit more info http://spong.com/feature/10110384/Opinion-PlayStation-Network-Hack-Analysis
Uhyve
Because if hackers actually have the card information, then the credit card information wasn’t encrypted when stored on the server side. That link is talking about ‘man in the middle’ attacks and is looking at a completely different part of Sony’s security.
There is actually plenty of proof that Sony didn’t secure information properly. In fact, looking at the IRC chat linked to in that article, they mentioned that Sony was running a 2 year old version of the Linux kernel… Seriously, when dealing with credit card information, that’s literally insane. New server vulnerabilities are discovered every day and if they were doing this, you’ve got to wonder what other vulnerable programs/services they were running on those servers and what other best practices they just couldn’t be bothered with.
skibadee
even if they have the card numbers there useless without the 3 on the back.
Uhyve
Firstly, security codes are not mandatory, therefore, plenty of places do not require them. Secondly, tell that to Jeremy Clarkson.
skibadee
have you got names of places that will let you do that without a code?.
Uhyve
I’m not a hacker so I don’t need to know that sort of stuff, but you know, I don’t remember being asked for a security code with the PSN…
skibadee
what has it got to do with being a hacker you said there are places that do not need the code so you must no some?
Uhyve
Didn’t feel like reading the entire sentence?
skibadee
you have no answer so your trying to pretend no ones reading your comments again you do this a lot when you run out of answers.
slates16
The playstation network doesn’t require them
skibadee
places you find some were on the net that will accept that.
skibadee
plus the first time you use PSN you have to have that code.
cc_star
T&C are less than irrelevant if they contravene laws of which there are many surrounding data protection.
Ben
Yes. Sadly most customer services personnel, store assistants, et cetera, do not seem to realise the standing of the law over their company’s own personal policies.
Uhyve
As an example, Sony has been ordered to pay for removing OtherOS in Finland and had to have it pointed out to them that a EULA cannot supersede consumer laws:
http://games.slashdot.org/story/11/04/23/031220/Sony-Should-Pay-For-OtherOS-Removal-Says-Finnish-Board
I know that’s Finnish law, but contract law is fairly similar is most countries.
skibadee
that is not law its from a powerless board no legal power no courts.
Uhyve
Rereading the article you’re right, though apparently in their courts, the opinion of the CCB is considered.
skibadee
not shore about that these days plus its all imagination nothing has happened yet. have you got names of places that will let you buy without the codes?
skibadee
I replied to the wrong comment.
hazelam
yeah, no!
the law > license agreement
skibadee
places.
fly737
and so the soap opera begins…
Tienpawa
…More like a season premiere
squashme
movie premiere :) Sony Goes Bankrupt
squashme
The Life Of Sony Corp premieres tonight on BBC1 lol
Roynaldo
Dont ask me why but this doesnt please me at all.
Kronik76
Why? :-P
Roynaldo
i shall hunt you down :p
hol
Typical & expected I suppose?
peespee63
Surprise surprise. Well, that’s the door opened.
I have to say, although I am mightily annoyed about the whole thing, I don’t think that suing or indeed class action suits are the way to go. Sony’s just been dealt a huge blow, and yes, it could have been handled better, but it’s not exactly as if they invited their servers to get attacked is it?
But good luck to the guy anyway.
Uhyve
Well, I suppose it would be possible to argue that they invited the interest of hackers (I’m not going to though, even if I think they did alittle bit). But then, I suppose it probably wasn’t that type of hacker who did this… unless Geohot was reallly pissed, heh.
On a slightly unrelated note, if this actually was a member of Anonymous and they have no intention of using the credit card info, it would be a very effective way of damaging Sony, I mean, to the point where they’re gonna be in trouble with multiple governments whatever happens.
I know it’s kind of conspiracy theory level of speculation, but still, it’s such a weird coincidence that a few weeks after a hacker group declares war on Sony, Sony is massively hacked…
Well, whatever happens, I’m hoping it’ll be a while till this information is actually used. I mean if you think about it, this information is kinda hot right now, the hacker may need to wait for the heat to die down.
skibadee
this will be a fine if anything there has to wrong doing first.
m61726b
Getting a bit burnt on all this now. It is important and it is major cock-up but my enthusiasm has died. Want to move on.
colossalblue
Tell me about it. It’s exhausting trying to keep abreast of everything but it looks like the story will run for a few more days yet.
m61726b
Might watch some re-runs Of Charlie and Di’s wedding.
ProjectJAY
*glances at the top commented stories of the week*
PSN…PSN…PSN…PSN…ooh, Portal!…PSN…
I never thought I’d get bored of a legal case quicker than the GeoHot scandal.
RudeBoiBrand
I take it this fellas had he’s account emptied (doesnt actually say)
If not, what’s his problem
ProjectJAY
That’s a good point, he’s not gonna have an airtight case if he doesn’t have any evidence that someone has POSSIBLY taken his information, other than Sony’s statement.
Kovacs
His point is Sony put him at risk by not contacting him sooner. Due diligence. Also, his case may insist that the reports drafted by the independent security experts are made available to his lawyers to prove if Sony have been lax in their storing of his sensitive information.
If this proves true, he has grounds for grievance as there is a understanding that Sony will uphold what’s known as a “duty of care.”
If it can be proved that they did not uphold this arrangement, they’re – legally – in trouble.
RudeBoiBrand
Has the fella not anything better to do….
ProjectJAY
Ah, I see, that makes sense. Thanks for clearing that up :)
If it’s compensation he’s after though, surely he’s not going to get that much for ‘grievance’? Especially not if he can’t upgrade it to class action…
TSBonyman
I don’t think he’ll get any monetary compensation if he hasn’t actually suffered any loss. Also i don’t think he could possibly have enough information yet regarding what exactly Sony did or didn’t do, the exact nature of the hacking or whether his information was actually accessed or not.
squashme
we’ve all suffered loss by having our personal details taken by a hacker
TSBonyman
I don’t think anyone can quantify anything for sure until we at least find out more details about the intrusion – and hopefully before we begin to start hearing stories of subsequent fraud as a result of PSN accounts being compromised.
TSBonyman
begin to start? .. oh dear.. :S
Sympozium
How many millions? no share, no deal… or something?
colmshan1990
How can he file this without knowing if he’s actually lost anything?
The PSN hasn’t suddenly been restored, has it?
E8_BALL_
i wish it had.
worn out by the whole thing, time to learn from any errors and get back to normality.
BLAGGER
^ hear, hear!