A class action suit was filed this week in San Diego, alleging that Sony made its online services less safe by laying off important staff just before the April security breach. The suit, against Sony Corporation of America, Sony Computer Entertainment America, Sony Pictures Entertainment and Sony Network Entertainment International, is based on testimony from confidential witnesses (ex-Sony employees) who claim that Sony knew its security was compromised due to previous, smaller-scale intrusions. An SOE platform engineer claims that "Sony's technicians only installed firewalls on an ad-hoc basis after they determined that a particular user was attempting to gain unauthorized access to the network."
The suit also alleges, as stated by another confidential witness, that Sony "spent lavishly" on security measures for its own PS DevNetwork, but didn't put the same effort or budget into securing users' data.
Sony Online Entertainment enacted large-scale layoffs in March of this year -- just weeks before the massive data breach. One witness quoted in the claim said that those layoffs included staff from the company's Network Operations Center, which would have been instrumental in addressing a data breach.