According to reports, the notorious ransomware group, Ransomed. vc, has successfully infiltrated and compromised all systems owned by the Sony Group. This cybercriminal organization has now made a public announcement, revealing its intention to sell the stolen data.
The breach of Sony Group’s systems by Ransomed. vc is a significant cause for concern, as it potentially exposes sensitive and confidential information belonging to the multinational conglomerate. With access to all systems, the ransomware group may have obtained a vast amount of data, including intellectual property, financial records, employee information, and potentially even unreleased content.
The announcement made by Ransomed.vc indicates their intention to monetize the stolen data by selling it to the highest bidder. This poses a severe threat to Sony Group, as the leaked information could be exploited by malicious actors for various purposes, such as corporate espionage, identity theft, or even blackmail.
The repercussions of this breach extend beyond Sony Group itself. Customers, partners, and stakeholders associated with the conglomerate may also be at risk, as their personal and financial information could be among the pilfered data. The potential damage to Sony Group’s reputation and financial standing cannot be underestimated, as the fallout from such a breach can have far-reaching consequences.
In response to this breach, Sony Group must act swiftly and decisively to mitigate the damage caused by Ransomed.vc. This includes launching a thorough investigation to determine the extent of the breach, identifying the vulnerabilities that allowed the ransomware group to gain access, and implementing robust security measures to prevent future attacks.
Additionally, Sony Group must prioritize the protection of its customers and stakeholders by promptly notifying them of the breach and providing guidance on how to safeguard their personal information. Collaborating with law enforcement agencies and cybersecurity experts is crucial to track down the perpetrators and hold them accountable for their actions.
The incident serves as a stark reminder of the ever-present threat posed by cybercriminals and the need for organizations to remain vigilant in safeguarding their systems and data. As ransomware attacks continue to evolve and become more sophisticated, it is imperative for companies like Sony Group to invest in robust cybersecurity measures, employee training, and proactive threat intelligence to stay one step ahead of these malicious actors.
Although its claims have yet to be verified, Cyber Security Connect has reported that the recently emerged ransomware newcomer has managed to accumulate a significant number of victims since its emergence last month.
The group boldly declared on both the clear and dark nets that they had successfully compromised all of Sony’s systems. They further stated that instead of demanding a ransom, they intend to sell the data due to Sony’s refusal to pay. They explicitly stated, “DATA IS FOR SALE.”
Cyber Security Connect has indicated that the group has released some evidence of their hacking activities. However, they have noted that this evidence does not appear to be particularly convincing at first glance.
The aforementioned materials consist of what appear to be screenshots of an internal login page, an internal PowerPoint presentation, several Java files, and a file tree of the leaked data, which seemingly contains fewer than 6,000 files.
The group has indicated a “post date” of September 28, which suggests that if the data is not purchased by anyone, Ransomed. vc will release the data in its entirety.
Ransomed. vc is reputed to function as both a ransomware operator and a ransomware-as-a-service organization.
The group asserts that it provides a “secure solution for addressing data security vulnerabilities within companies” and operates “in strict compliance with GDPR and Data Privacy Laws”.
The group states, “In cases where payment is not received, we are obligated to report a Data Privacy Law violation to the GDPR agency!”
According to reports, the majority of Ransomed. VC’s members operate from Ukraine and Russia.
VGC has reached out to Sony for comment on this report and will provide an update if a response is received from the company.
In 2011, Sony’s PlayStation Network experienced a significant breach that resulted in the compromise of personal details from approximately 77 million accounts and the suspension of the service for 23 days.
Initially, Sony estimated that the hack would cost them over $100 million, and they were compelled to apologize not only to players but also to developers whose game launches were disrupted or whose online services were rendered unavailable.
Sony eventually faced a total of 55 class action lawsuits and made the decision to provide compensation to those affected, which included the provision of complimentary games.
During this period, Jack Tretton, the US head of PlayStation, expressed his gratitude towards the customers, acknowledging their significance as the lifeblood of the company. He personally extended his apologies, recognizing their unwavering support that continuously humbled and amazed the company.
In addressing Sony’s third-party publishing partners, Tretton acknowledged the financial impact caused by the outage. He emphasized their crucial role in Sony’s success, stating that the company would not have achieved its current position without their contributions. Furthermore, he reassured them of Sony’s unwavering commitment to ensuring an enjoyable and secure PlayStation experience for all users.