Sony battles new hack: ‘Is my account safe?’ Echoes among concerned customers

• “Is my Sony account safe?” Customers question the company as it faces a significant cyberattack from Ransomed.vc.
• Ransomed.vc group plans to sell the allegedly compromised data.

In a world increasingly held to ransom by cybercriminals, emerging ransomware group, Ransomed.vc, is taking center stage with their claim of a successful attack on the global entertainment giant, Sony. With links to prior hacking communities and a growing list of victims despite its recent formation, the group’s audacious claims cast a shadow over Sony’s cyber-security framework, raising questions and fears about the security of personal and corporate data. As the drama unfolds, stakeholders worldwide wait with bated breath, hoping for a quick resolution and assurance of data safety.

While Ransomed.vc is relatively new, it boasts of significant accomplishments within a short span, including a successful attack on Sony. As reported by Cyber Security Connect, the group has shared this information on its leak sites, both on clear and dark nets, copying a description directly from Wikipedia to detail Sony’s global footprint.

“Is my Sony account compromised?”

In their announcements, the group declared a successful compromise of all Sony systems. Instead of seeking a ransom, Ransomed.vc plans to sell the compromised data, attributing this decision to Sony’s refusal to pay. They emphasize their intent to sell the data, providing minimal proof including screenshots of an internal login page, an internal PowerPoint presentation, and several Java files.

Despite the lack of compelling evidence, Ransomed.vc posted a file tree of the entire leak, showing fewer than 6,000 files. These include build log files, a diverse range of Java resources, and HTML files, with many sample files prominently featuring Japanese characters.

Ransomed.vc has not listed a specific price for the compromised data, but has left contact information using the Tox messaging service, along with Telegram and email details. The group has also given a “post date” of 28th September 2023, implying that they will release the data in entirety if it remains unpurchased by this date.

Projecting a unique stance, Ransomed.vc not only operates as a ransomware entity but also offers ransomware-as-a-service, actively seeking affiliates. They assert their operation abides by GDPR and Data Privacy Laws, threatening to report any non-payment as a Data Privacy Law violation to the GDPR agency.

In a twist, a second individual, MajorNelson, disputes Ransomed.vc’s claims, suggesting their allegations of breaching Sony systems are false. MajorNelson has reportedly released the supposed leaked data for free on a clear web hacking forum, asserting that Ransomed.vc is attempting a scam.

Further undermining Ransomed.vc’s claims, MajorNelson provides a link to a 2GB archive for free download, supposedly containing credentials for numerous internal systems among other sensitive information. Sony, currently investigating the incident, has not released further comments.

Despite the posting of limited proof-of-hack material, Ransomed.vc continues to claim a successful compromise of Sony systems. Following the clear web leak by MajorNelson, the group updated its darknet leak site to announce a partial database leak, coinciding with the information and link provided by MajorNelson overnight.

Revisiting the 2011 PlayStation Network outage

Sony faces the hope and expectation to address the current issue peacefully, in light of the substantial breach in 2011 that left a considerable mark on PlayStation and its users. This past breach saw around 77 million accounts’ personal details compromised, leaving users without online services for an extended period.

The turmoil began with Anonymous, a known hacktivist group, launching a series of DDoS attacks against Sony’s servers. These attacks substantially disrupted the PlayStation Network (PSN) in April 2011, prior to the major privacy breach.

Anonymous, infuriated by Sony’s legal action against George “Geohot” Hotz, a PS3 jailbreaker, believed that the information Hotz revealed should be publicly accessible. They contended that Hotz had inadvertently assisted Sony by highlighting a significant system loophole.

Although the group ceased their attacks, realizing the unintentional harm to Sony’s users, PSN faced another attack on April 19, 2011. This time the attack was different in nature, prompting Sony to take PSN offline two days later.

On April 21, Sony informed PSN users about the ongoing emergency outage, with a commitment to investigating the issue, including the possibility of outside interference, and to restoring services as swiftly as possible.

This incident marked the beginning of the PSN outage, which lasted until May 14. Amidst the crisis, Sony alerted customers about a potential delay of up to 48 hours before services could resume.

The day after, Sony acknowledged an “external intrusion” and initiated an extensive investigation to guarantee the future reliability and security of their network services. However, the company did not confirm the risk to personal details until four days later, leaving users in anticipation and concern.

A week into the downtime, Sony had not provided any detailed information about the specific cause. Assumptions were made that Sony had intentionally shut down the PSN to prevent additional attempts on its systems. However, updates from Sony were optimistic, albeit somewhat vague. Sony engineers were tirelessly working to resume services, as repeatedly communicated to PSN users. On the evening of 26th April, Sony eventually disclosed the unsettling news that the personal information of millions was breached.

As Sony embarks on addressing this recent cyber onslaught, the echoes of past breaches serve as a stern reminder of the devastating impacts of cyber vulnerabilities. The global audience, particularly millions of Sony’s customers, are keenly watching, hoping for a swift and effective resolution to this latest threat.

---

---

---

---