Sony’s month from hell just got even worse, following a new class action lawsuit that accuses the company of poor security practices and seeks compensation for more than 15,000 current and former employees that have had their personal information published by hackers.
“An epic nightmare, much better suited to a cinematic thriller than to real life, is unfolding in slow motion for Sony’s current and former employees,” says the suit, which was filed on Monday in Los Angeles federal court.
The lead plaintiffs in the case are Michael Corona, a former employee of [company]Sony Pictures[/company] who says he has spent $700 and 40-50 hours resolving identity theft issues, and Christine Mathis, who says her data has been compromised even though she hasn’t worked at Sony for 12 years.
They accuse [company]Sony[/company] of negligence for failing to secure its network, and not taking adequate steps to protect employees once the company knew the information was compromised.
The complaint also cites various security and news reports to say that Sony lost the cryptographic “keys to the kingdom,” which allowed the hackers to root around in its system undetected for as long as a year.
The lawsuit, which also accuses Sony of violating state laws in California and Virginia, also says that the company should have tightened up its security practices after a previous incident in 2011 that saw hackers steal information from millions of PlayStation owners.
Meanwhile, the hackers have reportedly threatened movie theaters with terrorist acts if they screen the upcoming movie “The Interview,” a Seth Rogen comedy about North Korea that reportedly gave rise to the attack.
Here’s the complaint with some of the relevant parts underlined.