Sony is dealing with what could be a major potential data security breach, as a ransomware group is trying to sell stolen data it's taken from "all Sony systems" which may include PlayStation. While it's impossible to tell whether the ransomware group's claims are accurate, it's nevertheless made posts online attempting to begin negotiations for the sale of Sony's data through encrypted proxies. The group also claims that it tried to ransom the data to Sony directly, but that Sony rejected its offer.
In a report from CyberSecurityConnect, details regarding the security breach from Ransomed.vc on Sony were shared. A statement from the ransomware groups explains that it "successfully compromised [sic] all of Sony Systems" and that it is selling all the data that it stole. The statement mentions having data specifically from Sony Group Corporation and Sony Corporation, though it also states that the data is from "SONY.com" elsewhere. Whether data was genuinely stolen or not has not been verified, either by Sony or third parties.
There is evidence of some kind of data leak, though. The ransomware group provides both a sample of the data it's selling and a file tree of all that was taken. The data comprises fewer than 6,000 files of unclear origin, which perhaps means it's more limited than implied. CyberSecurityConnect's report mentions that the leak includes various log files, Java resources, and HTML files. Many of these files appear to have Japanese characters. There was no mention of whether PlayStation or PlayStation hardware is involved.
The Randsomed.vc statement also mentions that it's only offering the Sony data publicly because an attempted ransom directed at Sony was rejected. "Due to Sony not wanting to pay. DATA IS FOR SALE," reads the message. No price is mentioned for the data. Potential buyers are told to message the ransomware group via the encrypted chat software Tox.
Source
In a report from CyberSecurityConnect, details regarding the security breach from Ransomed.vc on Sony were shared. A statement from the ransomware groups explains that it "successfully compromised [sic] all of Sony Systems" and that it is selling all the data that it stole. The statement mentions having data specifically from Sony Group Corporation and Sony Corporation, though it also states that the data is from "SONY.com" elsewhere. Whether data was genuinely stolen or not has not been verified, either by Sony or third parties.
There is evidence of some kind of data leak, though. The ransomware group provides both a sample of the data it's selling and a file tree of all that was taken. The data comprises fewer than 6,000 files of unclear origin, which perhaps means it's more limited than implied. CyberSecurityConnect's report mentions that the leak includes various log files, Java resources, and HTML files. Many of these files appear to have Japanese characters. There was no mention of whether PlayStation or PlayStation hardware is involved.
The Randsomed.vc statement also mentions that it's only offering the Sony data publicly because an attempted ransom directed at Sony was rejected. "Due to Sony not wanting to pay. DATA IS FOR SALE," reads the message. No price is mentioned for the data. Potential buyers are told to message the ransomware group via the encrypted chat software Tox.
Source
