Image: sebastiaan stam (unsplash)
Sony is currently delving into claims of a recent data breach, with various hacking entities vying for acknowledgment of the alleged act.
Initially, allegations regarding breaches in Sony’s system were attributed to an extortion entity named RansomedVC. However, another group has since emerged, challenging RansomedVC’s statements and asserting their role in the breach.
Recent reports reveal that over 3.14 GB of uncompressed data, which might be related to Sony, has surfaced on various hacking platforms.
Data Breach at Sony: 3.14 GB of Data Exposed
Earlier this week, an entity known as RansomedVC declared their successful breach of SONY.com, subsequently offering the retrieved “data and access” for potential buyers.
Notes found on RansomedVC’s onion site suggest that they had no intention of demanding a ransom but instead planned to sell the data, citing Sony’s alleged unwillingness to negotiate.
Upon inspection by BleepingComputer, the data sample showcased by RansomedVC was relatively minor, measuring about 2 MB. This sample included a PowerPoint slideshow, Java source code documentation, snapshots of the Eclipse IDE, among other items.
RansomedVC informed BleepingComputer of their purported breach into Sony’s networks, alleging the theft of 260 GB of data, which they aimed to sell for a sum of $2.5 million.
Despite its moniker, RansomedVC identifies as an extortion entity, not a ransomware group. They even revealed ongoing efforts to develop encryption tools.
In response, a representative from Sony Group Corporation shared with BleepingComputer that they are actively exploring the situation but declined to provide further details.
Further complicating matters is the emergence of another group, ‘MajorNelson’, asserting their involvement in the breach and countering RansomedVC’s assertions.
In posts found on BreachForums, MajorNelson chastised the media for allegedly being misled by RansomedVC, dismissing them as mere scammers seeking undue attention.
Highlighting their claim, MajorNelson shared a 2.4 GB compressed archive for free, which when uncompressed amounted to 3.14 GB of data. They assert that this data set originates from Sony.
This data set is said to encompass numerous credentials for internal platforms and files related to various systems and tools, such as SonarQube, Creators Cloud, Sony’s certificates, a device emulator for producing licenses, qasop security, incident management guidelines, among others.
Upon comparison, BleepingComputer discerned that MajorNelson’s archive encompassed all items found in RansomedVC’s initial sample. However, assigning blame definitively remains intricate.
Despite the data seemingly being associated with Sony, BleepingComputer has yet to corroborate the assertions of either hacking entity conclusively.
Historically, Sony experienced a significant breach in 2014, which gained significant media attention.