BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Sony Loses Bid to Dismiss Suit Over ‘Nightmare’ Data Breach

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 16 Jun 2015 19:20:40 -0600
http://www.bloomberg.com/news/articles/2015-06-16/sony-must-face-employee-claims-over-stolen-personal-data


Sony Pictures Entertainment Inc. lost a bid to dismiss a lawsuit by former
employees whose personal data was stolen in what they called a “nightmare”
computer hack linked to the release last year of “The Interview,” the
spy-caper comedy set in North Korea.

A federal judge in Los Angeles Monday refused to throw out the allegation
that Sony was negligent in not maintaining adequate security to stop
hackers from getting into the company’s computer systems and releasing
employee salaries, worker health data, racially tinged e-mail banter and
other sensitive information.

U.S. District Judge R. Gary Klausner didn’t rule on the merits of the claim
that Sony made a “business decision” not to spend money on beefing up its
security system after prior data breaches. The judge said it doesn’t need
to be proven true for the lawsuit to proceed at this stage.

The judge threw out some of the ex-employees’ other claims, including one
for breach of contract.

U.S. officials have blamed North Korean hackers angered over the Seth Rogen
movie for the attack, which became public in November. The breach exposed
Hollywood secrets, destroyed company data and caused the movie studio to
initially cancel the release of “The Interview,” which was about a
fictional assassination of North Korea’s leader, Kim Jong Un.

Sony Pictures said in a Dec. 8 letter to its employees, filed with the
California Attorney General’s Office, that the hackers may have stolen
Social Security, driver’s license and passport numbers, as well as
credit-card, compensation and medical information, among other private data.

Robert Lawson, a spokesman for Sony Pictures, declined to comment on the
ruling.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: