NEW YORK (Reuters) - Sony Corp laid off employees in a unit responsible for network security two weeks before a massive data breach, according to a lawsuit filed this week.
Sony has been under fire since April, after hackers accessed personal information on 77 million PlayStation Network and Qriocity accounts, 90 percent of which are users in North America or Europe.
The company said at the time credit card information may have been stolen, sparking lawsuits and casting a shadow over its plans to combine content and hardware products via online services.
Sony later revealed hackers had stolen data from 25 million users of a separate system, its Sony Online Entertainment PC games network, in a breach discovered on May 2.
In a lawsuit filed in a San Diego federal court on Monday, a proposed class of Sony customers says the company knew it was at increased risk of attack because it had experienced prior, smaller breaches.
A Sony representative did not immediately respond to a request for comment on Thursday.
Additionally, Sony laid off “a substantial percentage” of its Sony Online Entertainment workforce, including “a number” of employees in its Network Operations Centre, says the lawsuit, which cites a confidential witness.
The Network Operations Centre is responsible for preparing for, and responding to, security breaches, the lawsuit said.
Sony installed appropriate firewalls and other security measures to protect its own sensitive data, but chose not to do the same for customer data, the lawsuit said.
The case in U.S. District Court, Southern District of California is Felix Cortorreal, Jacques Daoud Jr. and Jimmy Cortorreal, on Behalf of Themselves and All Others Similarly Situated v. Sony Corporation Inc. et al, 11-1369.
Reporting by Dan Levine, editing by Bernard Orr