Sony Investigating Potential Data Breach2 Online Threat Actors Claim Responsibility
Sony is investigating an apparent leak of internal data posted onto the dark web and a criminal hacking board by separate criminal actors.
The electronics and entertainment giant is saying little about the possible hack, telling Information Security Media Group and other outlets, "We are currently investigating the situation, and we have no further comment at this time."
Digital extortion group Ransomed - which in its short existence so far has proved not entirely reliable in its assertions - claimed on its dark web leak site to have "successfully compromissed all of sony systems." It posted a 2-gigabyte compressed data sample. "We wont ransom them! we will sell the data. due to Sony not wanting to pay."
A file with the same name is also available on the new BreachForums criminal forum from a user going by the handle "MajorNelson," who asserts that "RansomedVCs are scammers who are just trying to scam you and chase influence."
The file contains data such as certificates and an emulator for generating license and incident response policies, Major Nelson says. At least some of the data in the file does appear to pertain to Sony.
Ransomed came into existence in August but has already made a name for itself by extorting victims with a threat to out them to data protection authorities unless they pay. Extortion, Ransomed holds, is cheaper than disclosure (see: Tattletale Ransomware Gangs Threaten to Reveal GDPR Breaches).
If the files are authentic, it wouldn't be the first time hackers have made their way into Sony systems. Hackers in 2011 forced the shutdown of the PlayStation network, exposing the data of 77 million account holders. North Korean hackers in 2014 wiped Sony Pictures' digital infrastructure while leaking embarrassing internal emails in a bid to stop the movie studio from releasing "The Interview," a Seth Rogen comedy that depicts the fiery assassination of Pyongyang dictator Kim Jong Un.