The attack and breach, discovered in April, potentially affected more than 100 million customers. Sony shut down the affected services and disclosed that user information had been stolen, including names, birthdates, passwords and possibly some credit card information.The attack and breach, discovered in April, potentially affected more than 100 million customers. Sony shut down the affected services and disclosed that user information had been stolen, including names, birthdates, passwords and possibly some credit card information. (Reuters)

Insurers for Sony are going to court in a bid to avoid paying compensation related to a cyberattack and massive data breach affecting the PlayStation Network, Sony Online Entertainment and Sony Pictures network.

The attack and breach, discovered in April, potentially affected more than 100 million customers. Sony shut down the affected services and disclosed that user information had been stolen, including names, birthdates, passwords and possibly some credit card information.

Since then, Canadian customers have launched three class action lawsuits against Sony and U.S. customers have launched 55, said a court document filed by the New York law firm Coughlin Duffy LLB on behalf of Zurich American Insurance Company and Zurich Insurance Company Ltd. this week in the Supreme Court of the State of New York.

One lawsuit filed by a 21-year-old Mississauga, Ont., woman alone claims damages in excess of $1 billion.

The Zurich companies are asking for a declaration that they are not obligated to defend Sony or compensate it for claims made in the lawsuits or future court actions that could be brought forward by the attorney general of a U.S. State.

They say only a few Sony subsidiaries qualify for insurance under some of its plans, and that the claims in the lawsuits are not for any of the things covered by the insurance plans.

Sony has up to 30 days to respond.

Timeline

  • April 16-17: Hackers break into Sony Online Entertainment.
  • April 17-19: Hackers break into Sony PlayStation Network and Qriocity.
  • April 19: Sony detects an "external intrusion" on its PlayStation Network.
  • April 20: Sony shuts down the PlayStation Network and Qriocity.
  • April 22: Sony says the networks are affected by "an external intrusion" and that it is investigating.
  • April 26: Sony announces that it believes "an unauthorized person" has obtained personal data of PlayStation Network and Qriocity users.
  • May 1: Sony Computer Entertainment executives apologize for the breach at a press conference in Tokyo.
  • May 2: Sony says Sony Online Entertainment was also affected by a malicious intrusion.
  • May 4: Sony provides details of its investigation to a U.S. Congressional subcommittee.
  • May 5: Sony CEO Howard Stringer apologizes and offers free identity theft insurance coverage to U.S. customers.
  • May 14: Sony starts restoring PlayStation Network services.