A lawsuit has been filed in the US claiming that Sony knew its network was at risk of attack and did nothing to address the issue, a report by Reuters claims.
The lawsuit, filed in San Diego on Monday, says that the company had previously come under attack, yet still went ahead and laid off employees who were responsible for security.
It also claims that Sony upgraded its network in order to protect sensitive data concerning the company, but failed to do the same for its customers personal information.
The suit was filed by three New York men: Felix Cortorreal, Jacques Daoud Jr. and Jimmy Cortorrea. The court documents say that the men claim that Sony “knew that its inadequate security systems placed it at an increased risk for the attack, which directly and proximately caused the theft of its customers’ personal information and a month long interruption”.
The trio claim to have expert witnesses who know first-hand that Sony was told its PSN system protection was weak and at risk from attack, but the company failed to take action, instead choosing to make key employees redundant to save costs.
The employees worked at the Network Operations Centre and were responsible for preparing for and dealing with breaches of security.
In April hackers stole the personal information of 77 million PlayStation Network and Qriocity accounts, and Sony admitted afterwards that credit card information may have been taken.
It was later revealed that 25 million users of a separate system, Sony Online Entertainment, may also have been affected in a further security breach in May.
The company failed to alert its customers to the attacks for several days after they had occurred, and the PSN network was down for a month afterwards while Sony attempted to bolt the proverbial stable door.
The suit asks for reimbursement for PlayStation consoles, PSN fees, restitution, “exemplary damages,” and “appropriate credit monitoring.”
Sony has been unavailable for comment.