Los Angeles, CAThe massive data breach that brought Sony to a public relations waterloo in the weeks leading up to Christmas last year (and ironically, in its wake, creating an unexpected public awareness coup for its new movie, The Interview) is already percolating through the courts with a bid to consolidate six federal class actions. A seventh proposed class action was filed in state court.
Not unexpectedly, Sony Corp. as recently as four days ago attempted to have the lawsuits tossed out of court.
A common assertion amongst the plaintiffs is that Sony did little to prevent future attacks after a series of previous data hacks. It has been widely reported that the most recent hack originated in North Korea in response to the production and imminent release of the comedy that spoofs North Korean leader Kim Jong-un.
Plaintiffs in seven putative class actions point to prior data breaches suffered by Sony Network Entertainment International LLC and Sony Computer Entertainment America LLC that compromised the personal information of some 77 million PlayStation Network users in 2011. The plaintiffs in the six federal class actions and lone state class action assert that Sony dropped the ball following the 2011 data breaches and didn’t do enough to shore up any weaknesses that may have allowed the most recent data breach in the fall of 2014.
No matter. On February 9, Sony attempted to have the lawsuits thrown out in the face of allegations made by the majority of the various actions that Sony violated the California Customer Records Act. Sony’s position is that the Act does not apply given that plaintiffs are not customers, but rather employees of Sony.
“There are no allegations of identity theft, no allegations of fraudulent charges, and no allegations of misappropriation of medical information,” said the motion to dismiss the case brought by former employee Michael Corona. “Instead, the plaintiffs assert a broad range of common-law and statutory causes of action based on their alleged fear of an increased risk of future harm, as well as expenses they claim to have incurred to prevent that future harm. Those allegations, however, fail as a matter of law to establish the plaintiffs’ standing to sue.”
In response to an invasion of privacy allegation made by another former employee, Sony argued that the inadvertent loss of employee information falls short of standards set and observed by the court.
“The unintentional loss of data resulting from the theft by a third party, exposing the plaintiffs to, at most, an increased risk of identity theft does not constitute egregious conduct on SPE’s part so as to give rise to an actionable invasion of privacy,” Sony said.
With business, commerce, retail purchases and entertainment options increasingly embracing the Internet, consumers are expectant that corporations and other entities that conduct commerce online have bullet-proof safeguards in place to protect personal information and other sensitive data.
Recent breaches affecting Target, Home Depot and now Sony suggest that such safeguards continue to be lacking.
The cases are Michael Corona et al. v. Sony Pictures Entertainment Inc., case number 2:14-cv-09600; Joshua Forster et al. vs. Sony Pictures Entertainment Inc., case number 2:14-cv-09646; Michael Levine et al. v. Sony Pictures Entertainment Inc., case number 2:14-cv-09687; Marcela Bailey et al. v. Sony Pictures Entertainment Inc., case number 2:14-cv-09755; Steven Shapiro et al. v. Sony Pictures Entertainment Inc., case number 2:14-cv-09762; Anastasio Garcia Rodriguez v. Sony Pictures Entertainment Inc., case number 2:15-cv-00014; and Lawon Exum et al. v. Sony Pictures Entertainment, case number 2:15-cv-00011, in the US District Court for the Central District of California.
If you or a loved one have suffered losses in this case, please click the link below and your complaint will be sent to a financial lawyer who may evaluate your Data Breach claim at no cost or obligation.