Sony confirmed it has suffered not one, but two security breaches since the end of May.
As BleepingComputer reports, the first was discovered in June when the Clop ransomware group took advantage of a zero-day vulnerability in the MOVEit Transfer platform used for secure file transfers. MOVEit's vendor, Progress Software, informed Sony of the vulnerability on June 2, but the compromise had already happened by then (on May 28).
According to a data breach notification filed with the Office of the Maine Attorney General, 6,791 individuals had their personal information compromised. All of them are either employees or former employees of Sony Interactive Entertainment in the US. The Japanese company has sent each of those individuals a letter explaining what happened and specifically what type of personal/sensitive information was taken.
Each person impacted by this breach is being offered 24 months of Equifax ID WatchDog or Complete Premier credit monitoring and identity restoration services by Sony.
The second breach is the one we reported on last month. A new ransomware group known as Ransomed.vc claimed to have stolen "all" of Sony's data, but the sample the group shared was far from convincing.
Sony has now confirmed this second breach did happen, with a spokesperson explaining:
"Sony has been investigating recent public claims of a security incident at Sony. We are working with third-party forensics experts and have identified activity on a single server located in Japan used for internal testing for the Entertainment, Technology and Services (ET&S) business.
Sony has taken this server offline while the investigation is ongoing. There is currently no indication that customer or business partner data was stored on the