Sony admits SIE employees' data breach in May, September cyberattacks
Sony has notified around 6,800 current and former Sony Interactive Entertainment (SIE) employees about a system breach in May, per Bleeping Computer. They also received confirmation about another breach that occurred in September. Sony is investigating the second breach, as hackers stole 3.14GB of data from the company's server in Japan, leaking files that include data from SonarQube platform, certificates, a license generator, and Creators' Cloud. The server has been taken down and an investigation is in progress.
Vulnerability in MOVEit Transfer platform exploited in previous case
According to Sony, Progress Software, the creator of MOVEit Transfer, warned clients like Sony about a security flaw in their platform on May 31. After this alert, SIE found out that a breach had happened on May 28, with hackers downloading data from the server, which held the personal information of US-based employees. Sony has since fixed the vulnerability and is offering credit monitoring services to those affected.
CL0P ransomware group claimed responsibility
In June, the CL0P ransomware group claimed they were behind the cyberattack on Sony's server, adding the latter to their list of victims. This group is notorious for targeting high-profile organizations and demanding ransoms to keep stolen data under wraps. In this instance, they used a weakness in the MOVEit Transfer platform to access the server containing employee data without authorization. This event highlights the increasing risk of ransomware attacks on businesses and organizations around the world.
Sony takes action to protect affected employees
To address these security breaches, Sony has taken action to safeguard its employees whose data was compromised. The company is providing credit monitoring services to those impacted, helping them track their credit reports and spot any unusual activity. Sony has resolved the vulnerability in the MOVEit Transfer platform to prevent future attacks. Additionally, the company is working with third-party forensics experts for the recent incident. This situation emphasizes the need for strong cybersecurity measures for companies handling sensitive employee data.
