September 3, 2015
By Andrew Blake
Sony Pictures Entertainment has reached a settlement with nine former employees who sued after last year’s colossal data breach allowed their personal data to end up on the Internet.
A document filed this week in U.S. District Court for the Central District of California said plaintiffs and Sony have “reached an agreement in principle to settle all of the claims” related to the suit.
Terms of the deal have not yet been made public and still need to be approved by the court before being finalized.
Attorneys for the nine ex-Sony workers filed the claim in December after hackers breached the Hollywood corporation’s computer network and leaked a trove of stolen data on the Web, including unreleased movies, private emails between movie executives and the personal information of more than 47,000 people, including actors, contractors and employees.
In the initial filing, plaintiffs called the breach “an epic nightmare, much better suited to a cinematic thriller than to real life.”
“Sony failed to secure its computer systems, servers and databases, despite weaknesses that it has known about for years, because Sony made a ‘business decision to accept the risk’ of losses associated with being hacked,” their complaint alleged. “Sony subsequently failed to timely protect confidential information of its current and former employees from law-breaking hackers.”
Indeed, the plaintiffs claimed in a July filing they had become the victims of identity theft as a result of the breach after credit cards were said to have been opened up in their names using personally identifiable information published by the hackers.
A hearing to determine if the case can be elevated to class-action status is scheduled for later this month, but both sides have asked for a 45-day extension pending approval of the proposed settlement.
In December, the FBI says there was “enough information to conclude that the North Korean government is responsible” for the Sony hack.