Sony’s online PlayStation Network was recently a victim of cyber piracy, and no one knows when the service will resume operation. More concerning for students could be the breach of data that occurred, and how it will affect the privacy of thousands of PSN users.

The privacy of PSN customers was compromised April 17 due to an unknown professional hacker. The process by which the hacker obtained 77 million customers’ information is still unknown, but is suspected to have been done through a corrupted email sent to a Sony administrator, which then introduced software that allowed the hacker to access formerly secure files. 

While the issue of credit fraud and identity theft still proves to be a major threat to millions, a greater issue is the violation of multiple states’ legislations that occurred with Sony’s hesitation to release information to the public. Although Sony became aware of the hacking April 17, the public was not notified until April 26. By taking the liberty of time in contacting potential fraud victims, Sony might have broken several states’ technological privacy laws.

In light of possible credit card fraud, David Baumer, department head in the College of Management, advises to “call your credit card company immediately and inform them of the possible unauthorized purchases from your account.”

But customers of the PlayStation Network were not given this opportunity, which could mean huge monetary loss for customers. If a credit card company is notified of the possibility of identity theft within 24 hours of the breach, the maximum loss of the customer will be around $50 most of the time; however, when notification is delayed, it becomes harder to differentiate unauthorized purchases in an account from legitimate ones.

Baumer points out there have been similar situations in the past regarding breaches in privacy that have caused the government to create legislation in response. 

As an example Baumer cited Choicepoint, a California company that was at fault in the identity thefts of approximately 5,000 customers. Affected customers were not notified of the potential compromise to their accounts until six months after Choicepoint first discovered the breach. This case laid down a precedent for the laws regarding privacy. 

“The Choicepoint case established a requirement for when big firms are hacked; customers affected must be notified as soon as possible. That’s why Sony is in such hot water. They’ve been aware of hacking, they’ve known for over a week, but they haven’t notified their customers,” Baumer said.

The first of what could be several class-action lawsuits was filed in California Wednesday. The Rothken Law Firm alleges Sony “failed to take reasonable care to protect, encrypt and secure the private and sensitive data,” according to IGN.com.

Before the Rothken suit was filed, Baumer said class-action suits against Sony were very possible.

“All we know is that information entrusted to Sony, who said that they valued our privacy with state of the art security, was in fact compromised,” Baumer said.

PlayStation representatives have released the following statement: “We regret that PlayStation Network and Qriocity Services have been suspended and we are working around the clock to bring them both back online. Unfortunately, we do not have a time frame for when these services will resume.”