In a ruling released by Courthousenews.com, U.S. District Court Judge Anthony Battaglia ruled users did not have an expectation of “perfect security” when they signed on with the company’s PlayStation Network.
Lawyers filed a class-action lawsuit on behalf of the millions of users whose accounts were compromised in April 2011. They claimed Sony did not notify users until six days after the attack occurred and shut down the PlayStation Network and Qriocity, including prepaid third-party services like Netflix, for a month while it conducted a systems audit to determine the source of the hack. Sony did offer victims free identity theft protection services, certain free downloads and online services, and possible assistance for those issued new credit cards.
The lawsuit claimed Sony failed to follow basic industry-standard protocols to safeguard its customers’ personal and financial information required to use its online services. The lawsuit noted the company already was aware of vulnerabilities after a user posted instructions online on how to “jailbreak” a PS3 console.
The plaintiffs, according to the ruling, also failed to prove specific harm from identity theft or personal fraud as a result of the data breach.
Lawyers have until Nov. 9 to file an amended Consolidated Complaint.