PlayStation confirms data breach compromised info of about 6,800 employees
According to Sony, the breach was due to a vulnerability in a file sharing platform was caught only after an unknown actor accessed the files.
This week, Sony Interactive Entertainment has addressed a massive data breach that left around 6,800 current and former employees’ data exposed and collected by hackers and ransomware groups. This breach apparently may have taken place as early as late May, and seems to be due to a critical vulnerability that was identified in a file transfer platform the company was using at the time. Sony has begun contacting employees affected, setting them up with identity recovery and protection, and cooperating with authorities to identify those who unlawfully accessed said information.
Sony shared its full address of the matter earlier this week, as reported by BleepingComputer. The company states that the breach was in relation to the MOVEit file transfer platform, which was used by company employees to send files back and forth. Progress Software, the developers and maintainers of MOVEit, shared on May 31 that a major vulnerability had been discovered, but before the vulnerability had been patched, an unauthorized party accessed files through the vulnerability. It was through this that they accessed the personal info of around 6,791 current and former Sony Interactive Entertainment employees based in the United States.
Following the breach, Sony reportedly sent an email to affected employees, of which a portion is shared below:
A ransomware group known as CL0P claimed responsibility for the breach, playing Sony on a list of “victims” it had targeted, as shared by cybersecurity Twitter FalconFeedsio. This also follows on the back of a recent and separate data breach in which a group known as Ransomed.vc claimed to have breached Sony’s systems and accessed a large amount of data throughout the company’s systems. Sony has stated it is also investigating that particular breach, but had little more to say at the time.
It seems that Sony and PlayStation are on the receiving end of a particularly abundant recent wave of cybersecurity breaches. We will continue to follow this and other Sony cybersecurity stories and updates as news becomes available.
-
TJ Denzer posted a new article, PlayStation confirms data breach compromised info of about 6,800 employees