PlayStation Confirms Data Breach, 6,800 Employee's Personal Info Exposed
thegamer.comLast month, a ransomware group called Ransomed.vc claimed that it had managed to breach "all Sony systems" and was threatening to sell stolen data, though it was never actually confirmed whether the breach happened or what kind of data had been stolen. After the incident, Sony said it had begun investigating, but was not ready to provide any comments regarding the potential breach at the time.
First reported by BleepingComputer (thanks VGC), Sony has now confirmed in a statement that an "unauthorised actor" managed to gain access to the MOVEit file transfer platform that is used by Sony employees. It was via a vulnerability in this platform that the individual behind the breach was able to download a bunch of Sony files, allowing them to access the personal information of 6,791 current and former Sony employees based in the United States.
Related: Save $100 And Buy The PlayStation Backbone Instead Of The Portal
Sony has apparently been letting all employees that have been affected by the breach know what's happened and is providing them with free credit monitoring and identity restoration services. It has also claimed that the individual in question has only breached this particular software platform and that the rest of its systems are unaffected. From this, we can gather that player information hasn't been stolen, but Sony doesn't seem to have revealed the full extent of what kind of information has leaked.
"On June 2, 2023, SIE discovered the unauthorised downloads, immediately took the platform offline and remediated the vulnerability," explained Sony in a letter to affected employees. "An investigation was then launched with assistance from external cybersecurity experts. We also notified law enforcement."
"Once
Read more on thegamer.com
