Sony Pictures Entertainment has failed to dismiss a legal action brought by nine ex-employees over the last year’s cyber attack.
A judge said the plaintiffs could pursue claims that the film unit of the Sony corporation had been negligent.
The plaintiffs are seeking to hold Sony liable for not bolstering security after previous breaches.
“We are pleased that the court has properly recognized the harm to Sony’s employees,” said lawyer Michael Sobol.
Many Sony employees had their personal details made public in 2014 when a group calling itself Guardians of Peace leaked data from the studio’s computers.
The nine plaintiffs claim Sony Pictures Entertainment violated a California confidentiality law by spurning security measures to stop the theft of employees’ salary and health data, Social Security numbers and other sensitive information.
Without ruling on their action’s merits, US District Judge Gary Klausner said Sony had created a “special relationship” with its employees by requiring them to provide personal information to be eligible for salaries and benefits.
The former workers said Sony’s negligence caused them economic harm and that the hack had been “an epic nightmare, much better suited to a cinematic thriller than to real life”.
The Interview, starring James Franco and Seth Rogen as journalists recruited by the CIA to assassinate Kim Jong-un, was initially withdrawn from cinemas but was later made available online.