Sony confirmed data theft after a ransomware attack

Sony confirmed that it was the victim of an attack by the ransomware group known as C10p, which managed to download personal data of thousands of the company’s workers in the United States, through a cyberattack on the MOVEit Transfer service.

MOVEit Transfer, from the company Progress Software, is a file transfer software used by multiple companies on a daily basis, including Sony Interactive Entertainment (SIE).

In this sense, the group of cybercriminals carried out an attack during the month of May against this transfer service, which has ended up affecting various companies, including the BBC and, now, also SIE.

Sony notified around 6,800 employees allegedly affected by this cyberattack through an information email, collected by Bleeping Computer, in which it informed them that some of their personal information may have ended up in the hands of C10p.

Specifically, the company detailed that on May 28 of this year it found a vulnerability in which an unauthorized actor downloaded some SIE files stored on the MOVEit platform. This data breach was confirmed when days later, on May 31, Progress Software announced a newly discovered vulnerability in its MOVEit Transfer platform.

After that, the company reported that on June 2nd its security team discovered the unauthorized downloads and began to “immediately” disconnect the platform and fix the vulnerability. In addition, he stressed that, from that moment, an investigation was initiated with cybersecurity experts external to the company.

K. Tovar

Source: MuycomputerPro

(Referential image source: 85mm.ca, Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram