Monday, September 25, 2023
A ransomware group known as Ransomed.vc has claimed to have successfully breached Sony Group and is threatening to sell stolen data from the company.
While these claims have not been independently verified, Ransomed.vc has gained notoriety in the past month by targeting multiple victims.
The group boldly said, "We have successfully compromised [sic] all of Sony systems," and indicated that they intended to sell the data due to Sony's reluctance to pay a ransom.
They posted some proof-of-hack data, which includes screenshots of an internal login page, an internal PowerPoint presentation, Java files, and a file tree containing fewer than 6,000 files.
Ransomed.vc has set a "post date" of September 28, after which, if no one purchases the data, they will presumably release it to the public. The group is described as both a ransomware operator and a ransomware-as-a-service organisation.
They claim to offer a "secure solution for addressing data security vulnerabilities within companies" and state that they operate in compliance with GDPR and Data Privacy Laws. They also warn that non-payment could lead to reporting a data privacy law violation to the GDPR agency.
Most of Ransomed.vc's members are believed to operate from Ukraine and Russia. VGC (Video Games Chronicle) has reached out to Sony for comment on this situation.
Sony has faced cybersecurity challenges in the past. In 2011, the PlayStation Network (PSN) experienced a major breach, compromising the personal details of approximately 77 million user accounts. The breach resulted in a 23-day outage of the PSN and significant financial costs for Sony.
The company estimated that the hack would cost more than $100 million. Sony issued apologies to users and developers affected by the disruption and faced numerous class-action lawsuits.
It remains to be seen how Sony will respond to these latest claims by Ransomed.vc and whether any user data has indeed been compromised.