Sony confirms data breach affecting nearly 7,000 employees

Sony Interactive Entertainment (SIE) has warned around 6,800 current and former employees that their personal data was accessed via a data breach, according to a letter seen by Bleeping Computer. The nature of the personal information stolen by hackers was redacted, but the company stated that a file transfer app called MOVEit was the source of the breach. It's the second report of an attack on Sony's operations within the last two weeks.

A ransomware group called CL0P claimed credit for the attack on May 28th, and MOVEit's vendor Progress Software notified Sony about the vulnerability on May 31st "On June 2, 2023, [we] discovered the unauthorized downloads, immediately took the platform offline, and remediated the vulnerability," Sony states in the letter to employees. "An investigation was then launched with assistance from external cybersecurity experts. We also notified law enforcement."

The hackers reportedly gained access to personally identifiable information about US employees, so Sony is providing credit monitoring services to those affected.

Sony was victim of another breach first reported last week. In that case, the hackers accessed servers in Japan used for internal testing for its Entertainment, Technology and Services business, pilfering 3.14GB of data. A threat actor called Ransomed.vc took credit for the attack, but that was denied by another group calling itself MajorNelson, which posted a sampling of files as proof. Sony said it was investigating the attack, adding "there has been no adverse impact on Sony's operations."

The company's PlayStation network was attacked in 2011, and Sony Pictures was famously hacked in 2014, resulting in a massive leak of documents and content — including entire films.