The Rothken law firm has filed a federal class action lawsuit against SCEA on behalf of the 77 million PSN customers it says were harmed by "one of the largest data breaches in the history of the internet."
The complaint [PDF], filed in California district court on behalf of one Kristopher Johns and other PSN members, accuses Sony of "failure to maintain adequate computer data security of consumer personal data and financial data," with tools such as firewalls and encryption.
This security failure puts the company in violation of the Payment Card Industry Data Security Standard meant to protect credit card data, as well as legal security requirements for protection of customer records, the suit alleges.
The 22-page suit also accuses Sony of failing to warn customers of the possibility that such a breach was possible, and of "false advertising and unfair business practices" surrounding previous statements about account security.
The firm is seeking compensation for the "extra time, effort, and costs" customers spent for credit monitoring and card replacement in the wake of yesterday's revelation that their data might be compromised, as well as compensation for the inability to access PSN and Qriocity services since last week.
"Sony’s breach of its customers’ trust is staggering," said Rothken co-counsel J.R. Parker, in a statement. "Sony promised its customers that their information would be kept private. One would think that a large multinational corporation like Sony has strong protective measures in place to prevent the unauthorized disclosure of personal information, including credit card information. Apparently, Sony doesn't."
Affected parties can sign on to the case or provide information regarding the investigation by contacting the law firm through a web form or by phone.