Connect with us

Hi, what are you looking for?


Data Breaches

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups. 

Sony hacked

Sony this week shared information on the impact of two recent unrelated hacker attacks believed to have been carried out by a couple of known cybercrime groups.

One of the incidents is related to the investigation launched recently by Sony after a relatively new ransomware group named RansomedVC claimed to have compromised all of the company’s systems and offered to sell stolen data.

The screenshots the hackers initially made public to demonstrate their claims seemed to show that they obtained source code, access to Sony applications, and confidential documents. However, most of the content appeared related to Sony’s Creators Cloud media production solution, suggesting that their claims were exaggerated. 

In an updated statement on Wednesday, Sony told SecurityWeek that it has been investigating the claims with the help of third-party forensics experts and identified unauthorized activity on a single server located in Japan. The hacked server has been used for internal testing for the company’s Entertainment, Technology and Services (ET&S) business.  

“Sony has taken this server offline while the investigation is ongoing. There is currently no indication that customer or business partner data was stored on the affected server or that any other Sony systems were affected.  There has been no adverse impact on Sony operations,” the company said.

RansomedVC has now made available a 2Gb archive file allegedly containing information stolen from the Japanese electronics and entertainment giant. However, downloading the file does not seem to work at the time of writing. 

The second incident is related to the campaign in which the Cl0p ransomware group exploited a zero-day vulnerability in Progress Software’s MOVEit managed file transfer (MFT) software to gain access to the files of hundreds of organizations that had been using the product.

Cybersecurity firm Emsisoft has counted more than 2,300 impacted organizations and over 62 million individuals to date, but the numbers continue to increase. 

Advertisement. Scroll to continue reading.

Sony was among the first major companies to be listed on the Cl0p leak website as a victim of the MOVEit hack. The company this week informed the Maine attorney general that nearly 6,800 people were impacted by the MOVEit attack. 

In notifications sent to impacted people, Sony said it discovered on June 2 that hackers had downloaded files from its MOVEit platform. 

The data breach impacts current and former employees of Sony Interactive Entertainment and their family members. 

The sample data breach notice published on the Maine attorney general’s website does not say exactly what type of information was compromised, but it does specify that it was personal information. In addition, Sony is offering free credit monitoring and identity restoration services to impacted individuals, which suggests the information is sensitive. 

Related: Sony Launches PlayStation Bug Bounty Program on HackerOne

Related: Sony Hackers Linked to Many Espionage, Destruction Campaigns

Related: N. Korea Calls Sony, Wannacry Hack Charges Smear Campaign

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.