Sony has confirmed that it has suffered a security breach with which the attackers have obtained sensitive information of your employees, both current and staff who no longer work for the company. According to Techradar, those responsible have notified those affected, noting that the attack occurred at Exploit a flaw in MOVEit managed file transfer softwareand not only could it affect Sony workers, but it could possibly also affect some of their family members.
Apparently the attack took place on May 28, just a few days before Progress, the developer of MOVEit, began notifying its customers that there was a serious flaw in the application. Sony discovered the attack in early June.
So, “On June 2, 2023, Sony discovered the unauthorized downloads, immediately took the platform offline and patched the vulnerability.«. Besides, “He then launched an investigation, with the help of cybersecurity experts outside the company.«. The company also notified various government security agencies of what happened.
Despite the measures taken, and the fact that the breach in the software platform was contained and did not expand to any other point in the network, the attackers managed to steal important information from 6,791 people in the United States. The perpetrators of the attack, apparently, are members of a Russian ransomware group called Clop, which usually acts for money.
The group has included Sony in the list of data leaks on its website, and has begun selling the stolen data, which means that Sony has not responded to its ransom demands for the obtained data to be handed over, and has not has paid the amount requested.
In the announcement they have placed on the dark web, a certain Ransomed.vc has published a small sample of the data, with screenshots of an internal connection page, an internal presentation and some files with Java code. The announcement mentions that all Sony systems were compromised.
The MOVit breach exploited by Clop is becoming a significant cybersecurity incident, as the tool used for data extraction It is software that companies use to send and receive sensitive information securely. It is used by many companies of all sizes, even multinationals. The latter are the ones most likely to suffer a breach like the one that led to data theft at Sony.
So far, Clop has named several hundred companies that have had data stolen through a single vulnerability: a critical security flaw allowing SQL injections that has allowed Clop to remotely execute code on vulnerable endpoints.
