Feeds

Sony insurer says it's not liable for costs of data breach

Sues game maker for saying otherwise

The Essential Guide to IT Transformation

Sony has been sued by its insurance company, which says the policy it issued doesn't cover a series of high-profile security breaches that exposed personal information associated with more than 100 million accounts.

A complaint filed Wednesday by the Zurich American Insurance Company (ZAIC) and the Zurich Insurance Company said the breaches have generated at least 55 class-action complaints against Sony in the US and three in Canada. Additionally Sony has been subject of investigations conducted by one or more state attorney general's offices, the US Federal Trade Commission, and the House Subcommittee on Commerce, Manufacturing, and Trade relating to the unauthorized access of its customers' data.

Sony has said more than 100 million accounts were affected and estimated the cost at $171 million.

The biggest of the breaches stemmed from an April hack attack on its PlayStation Network, which exposed names, addresses, email addresses, passwords, and other sensitive data for 77 million accounts. An attack on Sony Online Entertainment, the company's computer games service, breached the security of another 25 million accounts. Two months later, hackers gained unauthorized access to 50,000 more accounts created on the Sony Pictures website.

According to the complaint, Sony tendered the complaints and claims to Zurich and has demanded that the insurer defend it against the claims. It goes on to say ZAIC isn't obligated to cover the costs because Sony's insurance policy insures only against legal claims for "bodily injury", "property damage", and "personal and advertising injury".

"ZAIC therefore has no obligation to defend or indemnify the Sony defendants under the ZAIC Excess Policy for the claims asserted in the class action complaints or the miscellaneous claims," the complaint, filed in the Supreme Court of New York County, stated. It seeks a court ruling that none of the hack attacks qualify for coverage.

A PDF of the document is here. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.