Sony Interactive Entertainment (SIE) has contacted 6,791 employees, former and current, warning of potential unauthorized data access by hackers.
According to Sony, the security breach happened in May, while another cyberattack occurred in September. The reports confirm that the Japanese tech giant experienced two hacking incidents in four months.
Cl0p, a ransomware group, claimed they were responsible for illegally accessing Sony’s server in June. The breach took place by exploiting a vulnerability in the file-sending MOVEit Transfer platform utilized by SIE.
Sony said MOVEit Transfer developer Progress Software had informed its clients, including the conglomerate, about the vulnerability on May 31. SIE later found that the attack happened on May 28, and hackers had already obtained data off the server.
The server held personally identifiable information of its staff in the US. Sony is running credit monitoring for the affected employees and has since resolved the issue.
Last month, SIE started looking into a second breach in which hackers obtained 3.14GB of data. Reportedly, Sony verified that it was a server in Japan and was used for internal testing of its Entertainment, Technology, and Services arm.
The company is currently investigating the attack and has deactivated the server. The hackers behind the breach exposed multiple files that contained data from the SonarQube platform, certificates, a license generator, Creators’ Cloud, and more.
MOVEit Creator Reveals Critical Flaw in Another Tool
Following incidents like the significant MOVEit breach, regulators introduced new disclosure rules. It was reported that Progress Software last week issued a patch for its WS_FTP file-transfer software.
The update tackled “multiple vulnerabilities” in the software, which facilitates secure data movement for enterprise users. Cybersecurity firm Rapid7 has noted several instances of WS_FTP exploitation occurring and affecting the tech and healthcare industries.
Trend Micro’s Zero Day Initiative head of threat awareness, Dustin Childs, suggested ransomware groups might use file transfer zero-day vulnerability as email caution grows.
Furthermore, MOVEit isn’t the only product. Other file transfer products may also become potential targets due to security concerns.
