Sony Pictures Entertainment and its former employees appear to have reached a settlement in a proposed class-action related to a massive data breach at Sony late last year.
According to court documents in US District Court for the Central District of California, an order continuing deadlines in the discovery process was filed because the company and its employees have settled.
The lawsuit has yet to be certified as a class action. A hearing on that matter was scheduled for later this week. Sony Pictures was dealt a legal setback in June when a judged denied its motion to dismiss the case based on the plaintiffs’ lack of standing because the employees failed to allege injury.
Employees Michael Corona and Christina Mathis in March filed the federal suit in Los Angeles. It alleges Sony Pictures failed to protect its computer networks and failed to “timely protect confidential information” of current and former employees. The suit describes an “epic nightmare, much better suited to a cinematic thriller than to real life.”
Plaintiffs’ attorney Daniel C. Girard, of law firm Girard Gibbs, said an “agreement in principle on the material terms of a proposed settlement” was reached September 1 after a mediation session on June 11. In a court filing, Girard told the judge the two sides plan to complete the settlement over the next 45 days.
“We believe the proposed settlement is a favorable resolution to the claims asserted by the plaintiffs,” he wrote. “We believe the interests of class members will be best served if the proposed settlement is submitted for court approval.”
There were no other details about the settlement revealed in the court filing.
Corona and Mathis claims to have spent hundreds of dollars on identity theft protection and many hours on efforts to safeguard their identities. The former employees said the cyber attack stole tens of thousands of social security numbers, which were copied more than one million times. In a letter to employees following the November 2014 breach—supposedly the work of North Korea—Sony said the types of information that may have been stolen included names and addresses, social security numbers, driver’s license numbers, bank account and credit card information, and HIPPA-protected health information.