Sony breach: company investigating ransomware claims

Attackers claim that Sony Group Corporation, a Japanese multinational conglomerate corporation, has had its systems compromised. The company says its looking into the situation.

Cybercriminal cartel RansomedVC posted Sony on its dark web blog, which the gang uses to showcase its latest victims. The attackers claim that they‘ve breached the Japanese tech and media behemoth and compromised all of its systems. Meanwhile, Sony says the company is examining the claims.

“We are currently investigating the situation, and we have no further comment at this time,“ the Sony's representative told Cybernews.

The cybercrooks say that they’ll no longer demand a ransom payment from Sony, as the company refused to pay. Instead, the attackers say that they plan to sell the stolen dataset. This is a common tactic among ransomware cartels: victims who refuse to pay are threatened with their data being sold to the highest bidder.

Sony ransom note
Post selling data allegedly taken from Sony. Image by Cybernews.

The price that the attackers have set for a dataset supposedly covering all of Sony‘s systems stands at $18,000.

According to the Cybernews research team, the data sample that the attackers provided in the post doesn’t reveal a great deal about the quality or importance of the data. The sample contains a PowerPoint presentation, a couple of screenshots of what looks like an internal Sony workstation, and a few Java files.

After the first post regarding allegedly stolen Sony data, another forum user posted an ad on the same data leak forum, saying that he was offering the data for free. The user claims the leaked database includes credentials for the company's internal systems, SonarQube and Creators Cloud data, Sony's certificates, a device for generating licenses, and other information.

If confirmed, the attacks would mark the second time that Sony has been breached in the past three months. In late June, the Cl0p ransom gang named Sony as one of its victims in the infamous MOVEit Transfer hacks.

The Tokyo-headquartered Sony Group, including its electronics division, PlayStation, and Sony Entertainment, is no stranger to cyberattacks.

In 2011, the hacktivist group Anonymous infamously breached Sony’s PlayStation network in a less complicated distributed denial-of-service (DDoS) attack.

The nearly month-long attack incapacitated the PlayStation network, preventing players from accessing gaming services and compromising the personal accounts of over 77 million players.

RansomedVC is a relative newcomer, first observed in 2023. The group has already targeted the Hawaii Health System, TransUnion, and other organizations.

More from Cybernews:

Medus4 hacktivist: Meta & co, we are on to you

$200 million stolen in Hong Kong crypto heist

Taliban expands mass surveillance, meets with China's Huawei

Three US firms add over a million MOVEit victims

Robotic spacecraft drops asteroid sample in Utah desert

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked