Sony confirms data breach impacting thousands of workers

News
By published

Breach of Sony systems had been announced on the dark web

ID theft
Image credit: Pixabay (Image credit: Future)

Sony has confirmed reports that sensitive data from current and former employees had been stolen by outside forces.

In a breach notification letter sent out to affected individuals, Sony said that hackers leveraged a flaw in the MOVEit managed file transfer software to steal sensitive personal information belonging to them, or possibly their family members. 

As per the letter, the attack occurred on May 28, mere days before Progress - the company behind MOVEit - started warning its clients of a high-severity flaw in the application. 

List of victims grows

“On June 2, 2023, [Sony] discovered the unauthorized downloads, immediately took the platform offline, and remediated the vulnerability,” the letter added. “An investigation was then launched with assistance from external cybersecurity experts. We also notified law enforcement,” Sony concluded.

While the company stressed that the breach was contained in this software platform and did not spill elsewhere on its network, it seems to have been enough, as sensitive data on 6,791 people in the U.S. was taken by a Russian financially motivated ransomware actor known as Cl0p.

In the meantime, Cl0p already listed Sony on its data leak site, and started selling the stolen goods, meaning that Sony wasn’t interested in negotiations or paying the ransom demand. In the ad posted on the dark web, a threat actor going by the name Ransomed.vc posted a small sample of the data, including screenshots of an internal log-in page, an internal PowerPoint presentation, and some Java files. In the ad, it was said that “all of Sony systems” were compromised. 

Cl0p breaching MOVEit MFT is slowly turning into one of the biggest cyber mess-ups of all time, up there with the likes of Log4j and GoAnywhere. MOVEit is a managed file transfer service, a tool used by organizations to share sensitive information - securely. The tool is used by countless organizations, including small and medium-sized firms, but also large organizations and enterprises. Cl0p has so far listed hundreds of firms whose data were stolen through a single vulnerability, a critical-severity SQL injection flaw tracked as CVE-2023-34362. It allowed Cl0p to remotely run code on vulnerable endpoints.

More from TechRadar Pro

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Lock on Laptop Screen
Clop ransomware lists Cleo cyberattack victims
Data leak
US utility giant says MOVEit hack exposed stolen data
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
59 organizations reportedly victim to breaches caused by Cleo software bug
Code Skull
Casio confirms data of 8,500 people exposed in recent ransomware attack
How to prevent cyberattacks
NTT admits hackers accessed details of almost 18,000 corporate customers in cyberattack
How to prevent cyberattacks
PowerSchool breach worse than thought, company says "all" student and teacher data accessed
Latest in Security
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Latest in News
FiiO FX17 IEMs
Our favorite budget audiophile brand unveils wired earbuds with 26(!) drivers, electrostatic units, USB-C ultra-Hi-Res Audio, and a not-so-budget price
Nvidia RTX 5080 against a yellow TechRadar background
RTX 5080 24GB version teased by MSI - is it time to admit that 16GB isn't enough for 4K?
girl using laptop hoping for good luck with her fingers crossed
Windows 11 24H2 seems to be a massive fail – so Microsoft apparently working on 25H2 fills me with hope... and fear
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
ChatGPT Advanced Voice mode on a smartphone.
Talking to ChatGPT just got better, and you don’t need to pay to access the new functionality
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
More about security
Code Skull

Interpol operation arrests 300 suspects linked to African cybercrime rings
An abstract image of a lock against a digital background, denoting cybersecurity.

Critical security flaw in Next.js could spell big trouble for JavaScript users
Garmin Fenix 7 on a blue background with the text lowest price

Garmin Fenix 7 falls to lowest-ever price in the Amazon Big Spring sale
See more latest
Most Popular
Nvidia RTX 5080 against a yellow TechRadar background
RTX 5080 24GB version teased by MSI - is it time to admit that 16GB isn't enough for 4K?
Google Pixel 9a being held, from the back
The Google Pixel 9a’s mysterious delay may have just been explained
Nintendo Sound Clock: Alarmo
Nintendo Sound Clock: Alarmo gets new update with more customizable features ahead of the Switch 2 Direct
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
FiiO FX17 IEMs
Our favorite budget audiophile brand unveils wired earbuds with 26(!) drivers, electrostatic units, USB-C ultra-Hi-Res Audio, and a not-so-budget price
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
girl using laptop hoping for good luck with her fingers crossed
Windows 11 24H2 seems to be a massive fail – so Microsoft apparently working on 25H2 fills me with hope... and fear
ChatGPT Advanced Voice mode on a smartphone.
Talking to ChatGPT just got better, and you don’t need to pay to access the new functionality
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
Teenager playing on a gaming PC with two monitors
Samsung's OLED monitors are about to get much cheaper - and it's about time