Sony is supporting the 6,791 employees whose personal information was revealed as a result of a cyberattack earlier this year with credit monitoring and identity restoration services.

Though it is “not aware of publication or misuse” of the personal information, Sony enlisted external cybersecurity experts to understand the extent of the breach in June. It also sought the assistance of law enforcement.

Bleeping Computer‘s report claimed that this was the work of the ransomware gang Clop who were able to “[exploit] a zero-day vulnerability in the MOVEit Transfer platform.”

Sony hack
A laptop in a dark room showing lines of code on its screen Credit: Markus Spiske via Unsplash

MOVEit is a file transfer program from developer Progress Software, who notified users of the vulnerability three days after the attack, on May 31.

Sony then realised that it had been hit in the attack by Clop and “immediately” pulled its MOVEit offline to investigate how damaging the hack had been.

Though it wasn’t able to pinpoint the precise date of the event, the Office of the Maine Attorney General confirmed that names and social security numbers of the 6,791 people who work for Sony were lifted in the security breach.

In September, Sony was hit with another attack from another ransomware group.

playstation 5 ps5 sony ps5 slim handheld
The PlayStation 5 Credit: Triyansh Gill via Unsplash

Ransomed.vc self-describes as a “leading company in digital peace tax” and attempts to scare companies into paying the ransom for their stolen sensitive files over paying a data protection fine from regulators.

The group had not specified what it was able to source from its hack, however, Sony was “currently investigating the situation” and added that there was “no further comment at this time”.

See also  CD Projekt Red denies Sony acquisition rumours

In other gaming news, Dino Lords is an upcoming historical simulation game that imagines an alternate timeline where Scandinavians used dinosaurs in the viking invasion of Britain.



Source