Sony Ups Compensation Offer, as Scrutiny over PlayStation Network Breach GrowsMay 6, 2011 | Parker Waichman LLP
There have been several important developments in the Sony PlayStation Network security breach debacle. These include a sweetened compensation offer from Sony for network users whose personal information may have been compromised by the breach, as well as news that attorneys general from New York and Rhode Island have entered the fray.
As we reported yesterday, the Sony PlayStation Network hack has now grown to ensnare more than 100 million users of the PlayStation Network, Qtriocity and Sony Online Entertainment (SOE) network. Sony learned on April 19 that the PlayStation Network and Qtriocity services had been compromised, but did not inform users until April 26. On May 2, it announced that information belonging to users of the SOE service had also been accessed. The information that was hacked could include credit card numbers, addresses, user names and any other contact info. Because of the breach, the networks have been taken offline temporarily.
Sony can't say for sure if the hackers got access to credit card information, but some media sources report that there have been attempts to sell such information on underground online message boards by individuals claiming to be the hackers.
Initially, Sony customers only offered its customers 30 or 60 day free memberships on its PlayStation Network in way of compensation. But since being hit with at least two class action lawsuits, the company has upped the compensation package to include a year’s subscription to the AllClear ID Plus identity theft prevention service. The monitoring service includes a $1 million insurance policy to cover any losses due to identity theft.
According to a posting on the PlayStation blog, Sony will be sending out activation emails for the program over the next few days, and customers will have until June 18th to sign-up and redeem their code.
Meanwhile, The New York Times has reported that New York Attorney General Eric Schneiderman has subpoenaed three Sony divisions seeking information on the way it handles the protection of customers’ personal information. The three divisions receiving the summons include Sony Computer Entertainment America, Sony Network Entertainment and Sony Online Entertainment.
And finally, the Rhode Island Attorney General has written to Sony asking questions about the breach. Among other things, the April 28th letter asks whether any Rhode Islander’s credit card information was stolen. An official with the Rhode Island Attorney General's office told WPRI News that the office was "surprised by the lack information that came out and the time it took Sony to notify people . . ."