According to a September 25 article from Australian cybersecurity publication Cyber Security Connect, the PlayStation maker was cracked open by Ransomed.vc, a new outfit of hackers that’s only been operating since September—though the publication suggests the gang has connections to previous dark web forums and groups. Cyber Security Connect reports that the hack allegedly unearthed screenshots of Sony’s internal log-in page, an internal PowerPoint presentation outlining test bench details, several Java files, and a document tree of the entire leak housing 6,000 files.
“We have successfully [compromised] all of [Sony’s] systems,” Ransomed.vc proclaimed. “We won’t ransom them! We will sell the data. Due to Sony not wanting to pay. DATA IS FOR SALE. WE ARE SELLING IT.”
Interestingly, Ransomed.vc seems to be a ransomware operator and a ransomware-as-a-service organization. That means that alongside these large-scale hacks of major corporations, Ransomed.vc (which VGC claims operates out of Russia and Ukraine) also reportedly works with the EU’s general data protection and regulation (GDPR) and other data privacy laws to report vulnerabilities in company systems and violations in the laws. According to Cyber Security Connect, the group is leveraging laws to reportedly bully victims into submission.
Sony told IGN on September 26 that it was looking into the claims. “We are currently investigating the situation, and we have no further comment at this time,” a statement issued to the publication read.
This isn’t the first time Sony has been hacked. Back in 2011, the company’s PlayStation Network suffered a massive breach that saw some 77 million registered accounts compromised and online features totally inoperable. It was so bad that Sony not only had to explain to Congress what happened but also began giving away games and money a few years later as compensation. Less than 6,000 files may not seem as egregious as that PSN hack, but a hack is a hack all the same, so here’s hoping Sony can batten down the hatches ASAP.