Cybercrime , Fraud Management & Cybercrime

Sony Investigating Potential Data Breach

2 Online Threat Actors Claim Responsibility
Sony Investigating Potential Data Breach
Image: Shutterstock

Sony is investigating an apparent leak of internal data posted onto the dark web and a criminal hacking board by separate criminal actors.

See Also: Webinar | Don't Get Hacked in the Cloud: The Essential Guide to CISOcial Distancing

The electronics and entertainment giant is saying little about the possible hack, telling Information Security Media Group and other outlets, "We are currently investigating the situation, and we have no further comment at this time."

Digital extortion group Ransomed - which in its short existence so far has proved not entirely reliable in its assertions - claimed on its dark web leak site to have "successfully compromissed all of sony systems." It posted a 2-gigabyte compressed data sample. "We wont ransom them! we will sell the data. due to Sony not wanting to pay."

A file with the same name is also available on the new BreachForums criminal forum from a user going by the handle "MajorNelson," who asserts that "RansomedVCs are scammers who are just trying to scam you and chase influence."

The file contains data such as certificates and an emulator for generating license and incident response policies, Major Nelson says. At least some of the data in the file does appear to pertain to Sony.

Ransomed came into existence in August but has already made a name for itself by extorting victims with a threat to out them to data protection authorities unless they pay. Extortion, Ransomed holds, is cheaper than disclosure (see: Tattletale Ransomware Gangs Threaten to Reveal GDPR Breaches).

If the files are authentic, it wouldn't be the first time hackers have made their way into Sony systems. Hackers in 2011 forced the shutdown of the PlayStation network, exposing the data of 77 million account holders. North Korean hackers in 2014 wiped Sony Pictures' digital infrastructure while leaking embarrassing internal emails in a bid to stop the movie studio from releasing "The Interview," a Seth Rogen comedy that depicts the fiery assassination of Pyongyang dictator Kim Jong Un.

About the Author

David Perera

David Perera

Editorial Director, News, ISMG

Perera is editorial director for news at Information Security Media Group. He previously covered privacy and data security for outlets including MLex and Politico.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.