Sony Computer Entertainment America LLC has agreed to pay $15 million to settle a class action lawsuit related to a massive data breach suffered by PlayStation users, according to documents filed last week in California federal court.
Under the terms of the settlement, Sony has agreed to give class members $15 million in games, online currency and identity theft reimbursement. Class members are defined as all U.S. residents who had a PlayStation Network account or subaccount, a Qriocity Account or a Sony Online Entertainment account prior to May 15, 2011.
Sony announced in 2011 that PlayStation users’ data had been compromised due to an unauthorized attack on the computer network systems used to provide PlayStation services. The compromised data allegedly included credit and debit card information from PlayStation and Qriocity users. In the wake of the breach, Sony offered free identity theft protection to its PlayStation Network users.
Following Sony’s announcement about the data breach, 65 class action lawsuits were filed against the company. The plaintiffs alleged that Sony failed to follow industry standard protocols to secure their personal and financial data. Further, the plaintiffs alleged that Sony should have known that it took inadequate security measures and left its users’ data at risk for attack.
The class action lawsuits were consolidated into multidistrict litigation (MDL) to allow for coordinated pre-trial proceedings. A consolidated PlayStation data breach lawsuit was filed in January 2012. A court subsequently granted Sony’s motion to dismiss the consolidated class action lawsuit, but allowed plaintiffs to file an amended complaint.Â
Earlier this year, U.S. District Judge Anthony Battaglia granted Sony’s motion to dismiss the majority of the plaintiffs’ claims in their amended class action lawsuit, but kept consumer protection claims under some state laws, finding that the plaintiffs had sufficiently alleged that Sony made misrepresentations or omissions about its network security.Â
The Sony class action settlement, if approved, will allow PlayStation Network users to choose from a mix of games, online display themes and a three-month subscription to PlayStation Plus. Class Members who took Sony up on its offer of identity theft protection after the breach will only be able to choose one of the items. Class Members who were not part of the PlayStation Network but had different Sony gaming network accounts will receive $4.50 worth of online currency. The PlayStation data breach settlement will also provide payment of documented and unreimbursed identity theft related charges that were likely related to the data breach.
The plaintiffs are represented by Ben Barnow of Barnow and Associates PC, Paul J. Geller of Robbins Geller Rudman & Dowd LLP, David A. McKay of the Law Offices of David A. McKay LLC, Adam J. Levitt of Grant & Eisenhofer PA, Brian R. Strange of Strange & Carpenter, Timothy G. Blood of Blood Hurst & O’Reardon LLP and Gayle M. Blatt of Casey Gerry Schenk Franca Villa Blatt & Penfield LLP.
The Sony PlayStation Network Data Breach Class Action Lawsuit is In re: Sony Gaming Networks and Customer Data Security Breach Litigation, Case No. 3:11-md-02258, in the U.S. District Court for the Southern District of California.
