Ransomware group claims hack on ‘all Sony systems’

Entertainment giant Sony has launched an internal investigation after Ransomed.vc, a new ransomware group, claims to have hacked all of their systems.

“We have successfully compromissed [sic] all of sony systems. We wont ransom them! we will sell the data. due to sony not wanting to pay. DATA IS FOR SALE,” the group said on its dark web site and regular site, which is now no longer accessible.

The group listed a ‘post date’ of September 28, after which if the data is not purchased, it will be published for wholesale on the dark web. 

To prove their assertions, the group has released screenshots of an internal login page, several Java files, and a file tree, containing about 6,000 stolen user files. Cyber Security Connect suspects the validity and exaggeration of a hack on ‘all Sony systems’, as 6,000 files are small in the scheme of its large-scale operation. Despite this data, the claims still remain unverified.

“If the claims are accurate, it is essential Sony takes remediation action immediately. This includes running forensics to understand what data has been stolen and then working to reduce its value by updating systems,” Mike Newman, CEO of cybersecurity company My1Login states.

In a statement addressed to IGN, Sony says, “We are currently investigating the situation, and we have no further comment at this time.”

The hack conjures up memories of other large-scale data breaches Sony has been subject to. In 2014, a breach by North Korean hackers saw the social security numbers and financial records of Sony employees leaked, and in 2011, another hack compromised the personal information of over 70 million users. During that time, servers were taken offline for 23 days – a decade in video game time – forcing Sony to apologise not only to its players but developers whose game launches and online services were disrupted.

Ransomed.vc is both a ransomware operator and ransomware-as-a-service organisation that claims they are a “secure solution for addressing data security vulnerabilities within companies”. The group has only been in operation since September, though there are suggestions the gang has links to previous attacks and dark web forums. 

Its members operate out of Russia and Ukraine, executing attacks on major corporations like Sony, but also working with the EU’s general data protection and regulation laws (GDPR) to report violations and vulnerabilities in company systems.

While 6,000 files aren't as egregious as the data of 77 million users, the hack still puts user data at risk and breaks user trust. We’d recommend changing your PSN account details and staying on the lookout for any suspicious activity.