Has Sony been hacked again?

Ransomed.vc, a relatively new ransomware / cyber extortion group, claims to have hacked Sony and made off with valuable data.

Sony hacked

Sony allegedly hacked and its data held for ransom

“We have successfully compromissed all of sony systems. We wont ransom them! we will sell the data. due to sony not wanting to pay. DATA IS FOR SALE,” the group wrote on their leak site on Sunday.

They’ve also leaked some data meant to prove their assertion: a file tree of the entire leak (around 6,000 files) and several documents and screenshots. But, as noted by some, the offered proof does not unequivocably back their claims. (Also, Sony is a huge corporation with many divisions; saying that they have compromised “all Sony systems” cannot but be an exaggeration.)

Sony has yet to provide a comment on the situation and either deny or confim a possible breach.

“Ransomed.vc may be less known than major ransomware gangs like Cl0p or BlackCat, but when looking at the group’s history, they are responsible for a string of devastating attacks on financial organisations, data providers and managed IT companies,” Ryan McConechy, CTO of Barrier Networks, told Help Net Security.

“Furthermore, making false announcements on victims is something ransomware gangs avoid as it damages their reputations and profitability opportunities, so there is a strong possibility the claims are genuine, which means they must be investigated thoroughly.”

Mike Newman, CEO of My1Login, also notes that in most cases when attackers claim to have breached an organisation, they are being truthful.

“If the claims are accurate, it is essential Sony takes remediation action immediately. This includes running forensics to understand what data has been stolen and then working to reduce its value by updating systems.

“Additionally, Sony must also inform impacted parties so they can be on guard for phishing scams and be alert for further attacks. The incident will also act as a reminder to educate employees on the serious risk posed by cybercrime today and the need for them to be vigilant for attacks. This means being on guard for phishing and social engineering scams, and also improving corporate defences by removing credentials from the hands of employees.”

Previous Sony breaches

Sony is no stranger to hacks.

Its PlayStation Network (PSN) was breached in 2011 and the personal information and passwords of 70 million users was compromised. That breach was followed by many smaller ones.

In 2014 came the massive Sony Pictures Entertainment hack, which has been linked to state-affiliated North Korean hackers.

Don't miss