PSN breach spawns 55 class-action suits, Sony insurer to not pay legal fees

Saturday, 23rd July 2011 22:57 GMT By Stephany Nunneley

Sony’s insurance company, Zurich American, has filed a claim in New York asking to be except from paying to defend the firm over 55 class-action suits filed against in over the PSN data breach earlier this year.

According to Reuters, the insurer said it received claims for coverage from Sony, but under the policy written for the firm, it does noth ave any “obligation to defend any other Sony unit under that primary policy, ” since the policy does not apply to the PSN side of the business.

Zurich American said the policy only covers Sony for “bodily injury, property damage or personal and advertising injury,” and since the class-action lawsuits were not filed under these stipulations, it should not have to cover the firm’s legal expenses.

Furthermore, the insurer claimed the general liability policy it wrote for Sony was “never intended to cover digital attacks.”

Sony said in its last financial report, it expects profit to drop by 14 billion yen ($178 million) due to the cost of revamping its security measures after the breach.



  1. darksied

    And I hope Sony counter uses and wins every one of those class action suits. Unless they can prove they either lost money or had their identity stolen (which as far as I read from all the reports, were all bs), then Sony doesn’t deserve the blame for this and they should lose.

    But that’s in an ideal world. Here, who knows what will happen.

    #1 3 years ago
  2. pukem0n

    big companys winning every lawsuit is the ideal world for you? interesting.
    i hope they get fucked, just for the lulz. pun intended i guess

    #2 3 years ago
  3. darksied

    So just because they’re a big company you want them to get screwed?

    I’m all for big companies to pay up if they deserve it. From what information is there (which could be very little, granted), it looks like nothing has happened from all the info that was supposedly stolen. So I think this is a cash in by greedy people trying to make some free money. So they deserve to win because Sony is a big company?

    #3 3 years ago
  4. Phoenixblight

    No one will be getting paid except the lawyers so it proves nothing other than companies need better lawyers.

    #4 3 years ago
  5. get2sammyb

    At the end of the day, those 55 cases need to actually PROVE that they were a victim of financial/identity theft and, based on what we know, that seems like it’s going to be close to impossible.

    I suspect more than half of these cases are opportunists looking to make a quick buck, which is why Darksied is right in what he says.

    If these people were actually entitled to something, then go for it. Sue Sony rotten. But those people are going to have a hard time proving it.

    Further, insurance companies ALWAYS say they’re not going to pay. It’s unsurprising to see them take this route on such a big claim.

    #5 3 years ago
  6. Dannybuoy

    2nd line. Except? Or exempt?

    #6 3 years ago
  7. DSB

    @5 Based on…. What? You think the media is going to start running stories every time someone gets their credit card abused? That didn’t happen with Gawker, and plenty of people had their cards abused on that occasion.

    Of course they’re gonna sue, it’s pretty much the only tool the Americans have to interact with those corporations.

    They do need to go further than simply proving that their information was used. That’s not criminal in itself, as long as Sony isn’t culpable in losing it in the first place, which is where it gets interesting. If they can prove negligence, then Sony has a serious problem.

    The fact that there are 55 suits will probably serve to Sonys advantage, since they’re unlikely to get a lot of coverage as a whole. As soon one hits the news, it’s time to consider settlements.

    #7 3 years ago
  8. IL DUCE

    #8 3 years ago
  9. TheWulf

    The fun thing is is that proving negligence won’t be at all hard if they have even a half decent IT geek among their ranks. Your average Joe isn’t going to understand how a network works, or network security, but if you’re clued in then… well…

    Let’s just say that Sony’s “WE DO NOT NEED SECURITY, WE ARE SONY!” attitude has become a joke in certain circles, because they brazenly displayed their delusional omnipotence. One example of this is placing all security on the client-side, in the PS3, without any real server security. They honestly believed that the PS3 would never be hacked. Ever.

    That’s not true, and without any server security they were left wide open when the attacks came, and it was incredibly easy for the attackers to seize whatever they desired. Sony’s negligence was in not having server-side security, and that won’t be hard to prove.

    #9 3 years ago
  10. OrbitMonkey

    55 people obviously not happy with their 5 free game choices o_O

    #10 3 years ago
  11. Phoenixblight


    It took one guy in 5 years to pull it off they had a pretty good system in place until that point. There was no point in Sony changing it or updating it until it happened. If the government and their IT team didn’t find anything worth of hammering Sony for their negligence. Then these people will not either. They are just looking for a cash grab.

    #11 3 years ago
  12. DSB

    @11 There hasn’t been any kind of government funded investigation into Sony’s security. Obviously Sony didn’t hack themselves, and bad security isn’t against the law, unless you’re basically giving stuff away. Even if your house is missing a door, it’s still stealing if people take stuff from it. As such, negligence is most often going to be a case for a civil suit.

    The only that’s occurred is a congressional hearing, which is 99% political posturing. Basically as long as you don’t jump onto a table and cry “I’M GUILTY OF THESE OFFENCES, PROSECUTE ME IN A COURT OF LAW”, then absolutely nothing will happen, and you aren’t required to answer a single question.

    You can also commit perjury I suppose, but that would be pretty stupid, given that you aren’t required to answer anything.


    Sony actually declined to appear before Congress. The worst they can do in that case is subpeona you, in which case they just force you to waste your time in a big fancy room while the politicians perform their show.

    #12 3 years ago
  13. Phoenixblight

    Uh huh Just ignore this:–a011545-p0.php than.

    #13 3 years ago
  14. DSB

    It says the theft is under investigation, which isn’t very odd given that that’s an actual crime. I don’t see any mention of Sony’s security or any suspected culpability in losing peoples information.

    The fact that Holder informing the Senate Judiciary Committee on what’s already painfully obvious to most of the world, happens to trigger a post on a Playstation related website really doesn’t say anything. Except that people will write posts on just about anything to get a little content for their sites.

    #14 3 years ago
  15. Phoenixblight

    Again those 55 cases won’t get anywhere unless they can prove they were damaged by this which they weren’t. They are looking for a cash grab and they think they will get a big fat paycheck but what they don’t realize that the lawyer’s will be taking 60% and than all the fees and then whoever instigated the investigation get the next portion and whatever is left is thrown to those that signed on to it. I don’t see anyone suing the government when ANonymous hacked them. Thats a far more dangerous thing than people losing CC info which you can change within a phone call.

    #15 3 years ago
  16. DSB

    I haven’t seen any information on how many credit cards or identities have been abused as a result of the breach, but I’d imagine that that’s the sort of the thing the lawyers are looking into.

    I don’t know what they have, so I don’t know how succesful they might be. It seems to me like Sonys security was almost certainly worse than average, but that will have to be proven beyond a doubt.

    #16 3 years ago
  17. Phoenixblight


    Took one guy 5 years to crack it. The same system for 5 years. Microsoft has had multiple attacks all the time and they change their software frequently. The only reason why people are on this because its publicized and people have some innate disgust for corporation’s and want to get paid for it. Like I said the same thing happened to the government and did anyone get up in arms about that? No. But a big multibillion corp, Hell yeah I want a piece of that action. They are parasites.

    #17 3 years ago
  18. DSB

    It’s really not that black and white. I don’t know how long he spent to crack it, but it’s not exactly clever to leave an exposed service running if you’re aware of the risk, and if that really is your first and last line of defence.

    Sony’s hopes and dreams won’t protect their networks. Even if you’re somehow convinced you have a great system, that’s still not an excuse not to do everything you can, to protect the information on your servers. The whole idea of preventing a breach is redundancies and constant dilligence, since there’s no limit to how resourceful hackers could be. You’ll never know if they’re ahead or behind the game, so you have to make sure you’re on the cutting edge.

    By Sony’s own account, the hackers had their way with their network for at least 24 hours, almost certainly more, and anyone I know who’s ever worked at an internet business are simply shaking their heads at that.

    It took Notch from Minecraft less than an hour to pull the plug, but a company holding 77 million records takes more than a day? That’s either serious greed or serious negligence. Whether it’s cause for damages remains to be seen.

    As for parasites. Well, you could say the same for a medical manufacturer who accidentally kills people with their drugs. I don’t mind it when companies pay for their mistakes, even if lawyers are greedy, and people love the money.

    #18 3 years ago
  19. Phoenixblight


    It hasn’t there has been no reports of anyone had their identity stolen or any damage whatsoever. They would have gone to the public about or to a media source for it but there hasn’t been. SO 1 + 1 = 2?

    “As for parasites. Well, you could say the same for a medical manufacturer who accidentally kills people with their drugs.”

    Thats not a parasite. Thats just an accident that happened. DO you even know the defintion of a parasite. Yeesh.

    #19 3 years ago
  20. DSB

    @19 Nor has there been in connection to any other major breach. After the Mastercard breach, there were no stories. After the Gawker breach, there were no stories. And yet I’m related to a guy who had his credit card abused after the Gawker incident.

    So because that was never on the news, it never happened?

    First of all it’s not a very interesting story, when you can simply rely on numbers and hyperbole. Secondly it definitely isn’t worth the effort involved. What journalist is going to call 77 million, or even 5 million, or five thousand people to ask them if they’ve been having any problems with their cards?


    It’s the same thing. Company screws up. Company pays. Even if they didn’t mean to kill people, and even if they didn’t mean to give all their personal information away.

    #20 3 years ago
  21. Phoenixblight


    Yes because News corps pay for people like this just like the guy who went on the news because he had gotten a 600$ bill from ATT for their IPhone and not reading the the contractual agreement.

    “It’s the same thing. Company screws up. Company pays. Even if they didn’t mean to kill people, and even if they didn’t mean to give all their personal information away.”

    No its not the same thing. THese people are looking for a quick buck for not receiving any damages whatsoever. 33 million people in america PSN and 55 cases pops up.

    #21 3 years ago
  22. DSB

    @21 I don’t see my brother getting his credit card used to buy Urdu bibles or Fifa games for some guy in Pakistan as being nearly as good a headline as “77 million accounts compromised” including keywords like “congress”, “homeland security”, “hackers” and “massive security breach”. Maybe my priorities are all screwy on that one.

    Somehow I doubt that a lot of lawyers would waste their time compiling a class action suit (which does include a hell of a lot of filing) without even the slightest example of someones info being abused.

    It stands to reason that if you give the internet 77 million peoples personal details, somewhere, someone is going to abuse that. Once that happens in a scale where you can justify filing class action, then all you need is a verifiable screw up on Sonys part.

    For the record it’s 55 class action lawsuits. Which means that the lawyer will have to justify his suit as a class action, in having too many plaintiffs to file the suits individually. Usually being accepted into a class action suit, at least with regards to serious ones, involves living up to very specific criteria.

    Like in the case of medication, having suffered actual harm as a result.

    #22 3 years ago
  23. DSB

    Here’s something:

    Again, this is a horrible job for any journalist, because there’s little chance of linking the abuse of those peoples credit cards to an actual breach. Maybe they just like Dutch animal porn? If I was a news editor, that would be a serious waste of resources, for a story that’s nearly impossible to verify.

    And it seems like most editors agree, since searching on something like “credit card abuse sony breach” mostly brings up said hyperbolic posts, containing said keywords.

    Either way, there’s a claim of a lot of people having their details abused.

    #23 3 years ago
  24. Phoenixblight


    “Zurich American, in its court papers, said 55 purported class-action complaints have been filed in the United States against Sony.” Thats all it says .

    You just need 1 person to file a class action lawsuit. so it can be 55 people or it could be 55 million though I am sure that number would have been in there. But Class action makes it sound like its a huge amount of people.

    #24 3 years ago
  25. DSB

    @24 Ah, that’s true. Although the lawyer will have to define that class in a hearing for the courts approval, and obviously anyone who fits the description will then be able to join the class action.

    Also, the general fee is 25-35%, and subject to court review. In other words, the judge is your guarantee against the worst vultures.

    #25 3 years ago
  26. Phoenixblight

    Thats just a general fee I was in a Class Action suit against a country club company and the lawyers took 60% which was 2-3 million the person who instigated 50k and people like me who worked 2 years a suffered the damage 200$.

    #26 3 years ago
  27. DSB

    The general benchmark is around 25%. Ultimately it has to be approved by a judge, so the responsibility rests with him or her.

    The lawyers in turn run the risks of doing a lot of work for 100% the total ammount of 0. So filing frivolous lawsuits generally isn’t the best business strategy.

    If my lawyer ran away with 60%, I’d sue :P

    #27 3 years ago

Comments are now closed on this article.