There is no shortage of cyber attacks. We see several ransomware attacks towards big companies in an attempt to get some funds. Recently, we reported that there was a claim by a ransomware group that had breached all of Sony’s systems and was preparing to sell content stolen. While we are waiting for information to emerge from Sony on that particular attack, a separate attack that happened earlier this year is now confirmed. Sony claims this attack had breached just one system within Sony, and it has stolen employee information.
Thanks to VGC and BleepingComputer, we’re finding out that a Sony breach came through the MOVEit file transfer platform. This breach was found and quickly taken down from being accessed online. However, it wasn’t fast enough, as the hacker group CL0P had accessed nearly 7,000 employee details. This attack occurred in May of this year when Sony had to investigate and gather what information was compromised. In this case, it looks to only center around SIE files that featured both current and former SIE employees within the United States.
Sony has since reached out to these individuals and provided assistance to ensure their information is not being used for fraud. This investigation is still underway, and it’s not looking to be focused on the more recent claims that came from September of this year. It was last month that another ransomware group announced that they were able to breach Sony’s systems and had stolen several files that would be made available for purchase online. This is due to Sony refusing to pay the ransomware group.
We’re still waiting for information to emerge on this attack. According to the reports made by the ransomware group, it’s potential that this attack could be a rather big one. However, right now, we know that Sony has confirmed an investigation is underway. As a result, it’s hopeful that none of the information stolen is related to consumer accounts, which could prove to be incredibly disheartening for players who purchase content regularly on the PlayStation storefront.
Likewise, I’m sure Sony is hoping to avoid another big attack similar to what we saw in 2011, where millions of accounts were compromised. But again, right now, we know an investigation is underway, and we’ll have to wait and see just what Sony is able to uncover.
