.png)
Sony has acknowledged that the company fell victim to a cyber attack at the conclusion of May, potentially compromising the data of approximately 6,800 current and former employees, solely impacting those based in the United States.
The data breach is believed to have stemmed from a zero-day vulnerability within the file transfer software MOVEit Transfer from Progress Software, as Sony revealed in a letter to affected individuals, as reported by BleepingComputer. This particular vulnerability, identified as a SQL injection flaw and classified as CVE-2023-34362, allowed for remote code execution. Several Dutch companies also seemed to have potentially been impacted by this exploit. The ransomware group CLoP has claimed responsibility for the attack on Sony, which transpired on May 28, days before Sony became aware of the zero-day vulnerability and subsequently remediated it. Sony has stated that there have been no known instances of the stolen data being misused.
Just a week prior to this cyber incident, Sony was involved in another purported ransomware attack. A relatively obscure hacking collective known as RansomedVC alleged to have compromised 'the entire Sony'. However, this assertion initially seemed implausible, as the evidence provided was scarce and inconsequential, as per BleepingComputer.
Interestingly, shortly thereafter, a different hacker group claimed responsibility for the same ransomware attack. This second group claimed to have obtained data such as certificates, credentials for various services, and protocols for responding to cyber attack incidents. It is highly probable that both groups are referring to the same set of data. Sony has not officially confirmed this cyber attack, and as of now, there is no indication that it is related to the exploitation of the MOVEit vulnerability.
English (US)