Sony is currently probing a security breach involving first-party studio Insomniac Games.
As initially disclosed by Cyberdaily.au, the PlayStation studio recognized for its work on the Marvel’s Spider-Man series has apparently become victim to the ransomware group Rhysida.
Rhysida alleges to have illicitly acquired data from Insomniac Games and is currently attempting to auction off the information for 50 bitcoins, equivalent to around $2.05 million dollars.
“With just 7 days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data,” the Rhysida gang writes on its website, which can only be viewed on the dark web. “Open your wallets and be ready to buy exclusive data. We sell only to one hand, no reselling, you will be the only owner!”
To authenticate their hack, Rhysida have shared a portion of the pilfered data. Which seems to encompass screenshots from the upcoming release of the Marvel’s Wolverine game.
The extent of the data breach remains uncertain. However, as evidence of the actual hack, the group has shared a snapshot of a portion of the stolen data, which includes images of emails, tax forms, and passports belonging to Insomniac employees.
In response to the incident, Sony informed IGN: “We are aware of reports indicating that Insomniac Games has fallen victim to a cybersecurity attack. We are actively investigating this matter. At present, there is no indication that any other divisions within SIE or Sony have been affected.”
The Rhysida gang is a rising ransomware group that has been focusing on various sectors such as education, IT, and healthcare since May. Similar to other ransomware entities such as the gay furry hackers over at SiegedSec, the group markets access to its Windows-based ransomware code to affiliates, who subsequently carry out the attacks. The resulting proceeds are distributed among the involved parties.
Obviously, the extent of the information stolen is immense.
I’m not referring to the leaked screenshots of Marvel’s Wolverine, which appears to be another typical third-person, over-the-shoulder, scripted cinematic woke slop designed for casuals.
Instead, I’m of course referring to the confidential employee data that has allegedly been seized, which includes details as fine as employee passports, as seen censored in the above image.
Sony has a history of experiencing security breaches, notably when the entire PlayStation Network fell victim to a major hack orchestrated by the group Anonymous in 2011.
This significant incident, often overlooked, resulted in the exposure of full names, addresses, usernames, passwords, and email addresses linked to around 77 million PSN accounts. Additionally, there was a potential compromise of some users’ billing information, encompassing credit card numbers, expiration dates, and security codes.
And now it would seem that Sony’s security is as robust as their lineup or PlayStation 5 exclusive titles.
