Creator: Spencer Platt | Credit: Getty Images | Copyright: 2016 Getty Images
Sony Interactive Entertainment (SIE), a significant player in the gaming industry, has confirmed a recent cybersecurity breach. The incident affected thousands of individuals in the U.S., marking another significant setback for the company.
According to Variety, the breach also reached beyond employees, affecting their family members. This expansion of the impact zone underscores the severity of the situation and highlights the far-reaching implications of such security breaches.
The breach occurred when an unauthorized individual exploited a weakness in the MOVEit Transfer platform, known as CVE-2023-34362. This flaw enabled the hacker to remotely control the system. The Clop ransomware gang, notorious for carrying out large-scale attacks, exploited this vulnerability, compromising several organizations worldwide, including Sony.
Sony discovered the breach on May 28, 2023, a few days before Progress Software, the company that created MOVEit, informed Sony about the vulnerability. Sony promptly took the platform offline and rectified the problem by June 2, 2023. They also enlisted the help of external cybersecurity experts for the investigation and informed law enforcement.
Although the breach was confined to the MOVEit Transfer platform and did not affect other systems, the personal information of 6,791 individuals in the U.S. was exposed. Sony has identified the exposed details but has chosen not to publicly disclose them. The company has offered credit monitoring and identity restoration services through Equifax until February 29, 2024, to those affected.
This is the second time Sony has experienced a security breach in the past four months. In the earlier incident, at least two separate hackers obtained and held a leaked dataset containing various details. However, there's no evidence that customer or business partner data was stored on the affected server or that any other Sony systems were compromised.
In conclusion, SIE has confirmed a recent data breach affecting thousands of individuals in the U.S., including employees and their family members. Sony acted swiftly to address the breach, engage external experts, and notify law enforcement. Those affected have been offered credit monitoring and identity restoration services. Sony continues to investigate both this incident and the earlier breach.
As we move further into the digital age, it's clear that cybersecurity must remain a top priority for all businesses. This incident serves as a stern reminder of the persistent threats of cybersecurity breaches in the digital era.
“This blog was written by the Activated Solutions team. If you are a business owner or an individual concerned about your cybersecurity, it's time to take action. Activated Solutions can help you to protect your business and personal data from potential cyber threats.
Contact Activated Solutions today to learn more about how they can help you protect your business. With our expertise and commitment to cybersecurity, you can have peace of mind knowing that you are taking proactive steps to protect yourself and your business from potential data breaches.
For more information, please visit: activatedsolutions.ca.”
Sources:
Cimpanu, Catalin. "Sony Confirms Data Breach Impacting Thousands in the U.S." Bleeping Computer. 18 Oct. 2023. [https://www.bleepingcomputer.com/news/security/sony-confirms-data-breach-impacting-thousands-in-the-us/]
Kovacs, Eduard. "Sony Confirms Data Stolen in Two Recent Hacker Attacks." SecurityWeek. 19 Oct. 2023. [https://www.securityweek.com/sony-confirms-data-stolen-in-two-recent-hacker-attacks/]
Spangler, Todd. “Hackers Breached Sony’s Networks and Accessed Personal Info of 6,800 Employees and Family Members.” Variety. 20 Oct. 2023. [https://variety.com/2023/digital/news/sony-data-breach-hack-6800-employees-family-members-1235747145/]
Comments