Perhaps Sony took the biggest sigh of relief after LulzSec posted an announcement declaring an end to its 50-day hackathon, but there's still plenty of work to be done. The next step for Sony is to defend itself from (or settle) a class action lawsuit accusing the firm of being negligent with online security, negligence that ultimately led to numerous attacks and the loss of private data, including credit card information.
"Sony was more concerned about their development server being hacked rather than some consumers' data being stolen," according to a confidential witness quoted in the complaint, Arstechnica reports. "They want to protect themselves and not the people that use their servers."
The suit further alleges that Sony "spent lavishly to secure its proprietary development server containing its own sensitive information," but didn't offer the same level of protection for its customers. What's more, the suit says Sony fired several security gurus leading up to the attacks.
"Just two weeks before the April breach, Sony laid off a substantial percentage of its Sony Online Entertainment workforce, including a number of employees in the Network Operations Center, which, according to Confidential Witness 2, is the group that is responsible for preparing for and responding to security breaches, and who ostensibly has the skills to bring the Network's security technology up-to-date."
The suit seeks restitution for class members as well as unspecified damages.