Sony has launched a major internal investigation after a hacking group claimed to have pulled off one of the highest profile data breaches of the year at the expense of the Japanese tech giant. However, multiple parties are now claiming responsibility for the alleged Sony hack and conflicting data dumps have been made to further muddy the waters.
The first claims made by previously unknown Ransomed.vc ransomware crew are still to be independently verified and a hacker called “MajorNelson” has subsequently claimed responsibility for the breach. Both parties have shared data purporting to have been stolen from Sony online, but whoever is behind the attack, the threat of having its data sold by cyber criminals on the dark web is enough to have jolted Sony into action.
“We have successfully compromised [sic] all of sony systems. We won’t ransom them! We will sell the data. Due to Sony not wanting to pay. DATA IS FOR SALE,” Ransomed.vc is said to have posted on both the dark and surface webs, when it initially claimed to have hacked Sony.
Did Sony Get Hacked Again — and by Who?
News that Sony may have been hacked was first revealed by Cyber Security Connect, who claim that Ransomed.vc shared evidence of the hack with the Australian website including a number of internal documents such as a PowerPoint presentation and a number of Java files.
The specialist security site notes that the 6,000 Sony files claimed to be part of the leak is “small” in the scheme of Sony's overall operation, which brings into question the idea that “all of Sony's systems” have been compromised. It's not quite that straightforward, though. Conducting its own investigation into the claims, Bleeping Computer reports that Ransomed.vc contacted it to boast of having stolen a much more sizeable 260GB of Sony's data.
🔎 Want to browse the web privately? 🌎 Or appear as if you're in another country?
Get a huge 86% off Surfshark with this special tech.co offer.
That security website, which has a strong reputation in its field, didn't find evidence of a breach of that size, however. The sample data it could directly link to Ransomed.vc only amounted to a teeny 2MB, while a larger (but still not ginormous) 3.14GB data dump was shared for free by a different threat called “MajorNelson” after the iconic former Xbox developer and blogger.
Their dump contained the following files, which include all of the data shared by Ransomed.vc, which is where the provenance of the alleged hack becomes so contentious.
- SonarQube
- Creators Cloud
- Sony's certificates
- A device emulator for generating licenses
- qasop security
- Incident response policies
- and more.
Whatever the case, with echoes of the infamous PSN hack of 2011, Sony is apparently taking the potential breach seriously and has issued statements confirming it is “investigating” the situation.
Don't fall victim to cybercriminals, check out the best antivirus software for businesses today
What Happened in the 2011 Sony PSN Hack?
Back in 2011, there was no doubt about it: Sony was hacked and the consequences were catastrophic, both for the company and for users of its popular PlayStation Network online gaming platform.
Some 77 million Sony PlayStation Network (PSN) user accounts were hacked and the PSN was taken offline as a result, staying down for over a month. Sony was even dragged in front of Congress to explain itself, such was the severity of that breach.
This was followed in 2014 by another devastating breach, this time of the Sony Pictures Entertainment division, which was chalked up to North Korean state hackers.
Who Are Ransomed.vc?
That's the big question and the short answer is: No one seems quite sure yet. The ransomware group is a previously unknown entity on the cybercrime scene but is broadly understood to be both a ransomware operator and provider of ransomware-as-a-service (RaaS).
Confusingly, there are even suggestions of white hat hacking about the group and its ultimate motives, with Techbriefly reporting, that the outfit advertises itself as a “secure solution for addressing data security vulnerabilities within companies” and promises to uphold both European GDPR and broader data privacy standards. It adds that the group does not take payment for the data it obtains, as is suggested by its threat to simply dump Sony's data online.
In terms of that threat, the group says September 28th is the date it will share the contents of its hack. However, this date has thus far passed with no major new information, beyond the controversy in hacker circles over who is actually responsible for the 2023 Sony breach — if indeed the company has been breached at all.
Stay tuned for more, as we'll continue to update this article with the latest Sony hack news as it becomes available.
Now Read: Key Ransomware Statistics in 2023