Sony Confirms Two Security Breaches Affecting Employee Data
The first breach, discovered in June, occurred when the Clop ransomware group exploited a zero-day vulnerability in the MOVEit Transfer platform, used for secure file transfers.
MOVEit’s vendor, Progress Software, alerted Sony to the vulnerability on June 2, but the breach had already occurred by May 28.
Sony notified the Office of the Main Attorney General that all of 6,791 individuals affected are either current or former employees of Sony Interactive Entertainment in the United States.
The company has already taken steps to inform each affected person about the incident, detailing the nature of the personal and sensitive information that was exposed.
To mitigate the impact of this breach, Sony is also offering each affected individual 24 months of Equifax ID WatchDog or Complete Premier credit monitoring and identity restoration services.
The second breach, previously reported last month, was claimed by a new ransomware group known as Ransomed.vc. This group asserted that they had stolen “all” of Sony’s data, but their provided sample lacked credibility.
Sony has now confirmed the occurrence of this second breach, stating:
“Sony has been investigating recent public claims of a security incident at Sony. We are working with third-party forensics experts and have identified activity on a single server located in Japan used for internal testing for the Entertainment, Technology, and Services (ET&S) business.
Sony has taken this server offline while the investigation is ongoing.”
In contrast to the significant PlayStation Network breach in 2011, this recent compromise appears to be more contained and not a direct fault of Sony.
Nevertheless, it underscores the importance of bolstering security measures, especially when using secure file transfer services, to protect employee data.