Concern over personal details being leaked is mounting after a ransomware group claimed to have launched a devastating attack on global entertainment giant Sony.
According to a report by Cyber Security Connect, the group called Ransomed.vc said the hack was successful, despite being several typos and errors in the message itself: “We have successfully compromissed [sic] all of sony systems. We wont ransom them! we will sell the data. due to sony not wanting to pay. DATA IS FOR SALE.”
Ransomed.vc includes what is believed to be proof-of-hack data, with screenshots of an internal log-in page, an internal PowerPoint presentation outlining test bench details, and a number of Java files.
The group also also posted a file tree of the “entire” leak. The leak looks to have less than 6,000 files, which many argue that this number is too small for “all of Sony systems” to have been hit as they have claimed.
The group listed a “post date” of 28 September 2023. This means that if no one purchases the data, Ransomed.vc will publish it wholesale.
No price is listed for the data at this stage.
As of publishing, Sony has not released any statements on the possible hack on its websites.
Ransomed.vc appears to be both a ransomware operator in its own right and a ransomware-as-a-service organisation.
It claims to be a “secure solution for addressing data security vulnerabilities within companies” and says that it is operating “in strict compliance with GDPR and Data Privacy Laws”.
The group said that in the event the payment is not received, they are “obligated to report a Data Privacy Law violation to the GDPR agency”.
The news of the alleged hack had PlayStation gamers on social media in a frenzy, with many saying they hope it is not a repeat of the hack in 2011.
The 2011 PlayStation Network outage was the result of an “external intrusion” on Sony’s PlayStation Network and Qriocity services. Personal details from approximately 77 million accounts were compromised thus preventing users of the consoles from accessing the service.
Users were urged by others to “cancel their credit card” or to remove their details in the event it gets leaked and personal data gets sold.
However, it is important to note that at this point, it is not certain what has happened so it is best to not make rash decisions such as cancelling your credit card.
IOL