Joystiq
Joystiq News
Sony Interactive Entertainment (SIE) has warned around 6,800 current and former employees that their personal data was accessed via a data breach, according to a seen by . The nature of the personal information stolen by hackers was redacted, but the company stated that a file transfer app called MOVEit was the source of the breach. It's the second report of an attack on Sony's operations within the last two weeks.
A ransomware group called CL0P claimed credit for the attack on May 28th, and MOVEit's vendor Progress Software notified Sony about the vulnerability on May 31st "On June 2, 2023, [we] discovered the unauthorized downloads, immediately took the platform offline, and remediated the vulnerability," Sony states in the letter to employees. "An investigation was then launched with assistance from external cybersecurity experts. We also notified law enforcement."
The hackers reportedly gained access to personally identifiable information about US employees, so Sony is providing credit monitoring services to those affected.
Sony was first reported last week. In that case, the hackers accessed servers in Japan used for internal testing for its Entertainment, Technology and Services business, pilfering 3.14GB of data. A threat actor called Ransomed.vc for the attack, but that was denied by another group calling itself MajorNelson, which posted a sampling of files as proof. Sony said it was investigating the attack, adding "there has been no adverse impact on Sony's operations."
The company's PlayStation network was , and Sony Pictures was famously hacked in 2014, resulting in a massive leak of documents and content — including .
This article originally appeared on Engadget at
Console Bang News!
A ransomware group called CL0P claimed credit for the attack on May 28th, and MOVEit's vendor Progress Software notified Sony about the vulnerability on May 31st "On June 2, 2023, [we] discovered the unauthorized downloads, immediately took the platform offline, and remediated the vulnerability," Sony states in the letter to employees. "An investigation was then launched with assistance from external cybersecurity experts. We also notified law enforcement."
The hackers reportedly gained access to personally identifiable information about US employees, so Sony is providing credit monitoring services to those affected.
Sony was first reported last week. In that case, the hackers accessed servers in Japan used for internal testing for its Entertainment, Technology and Services business, pilfering 3.14GB of data. A threat actor called Ransomed.vc for the attack, but that was denied by another group calling itself MajorNelson, which posted a sampling of files as proof. Sony said it was investigating the attack, adding "there has been no adverse impact on Sony's operations."
The company's PlayStation network was , and Sony Pictures was famously hacked in 2014, resulting in a massive leak of documents and content — including .
This article originally appeared on Engadget at
Console Bang News!