Sony data breach taken place
Image Source: hcamag.com

Internet security is something that can be a major concern in any industry. It is something that requires utmost care and precaution. When a major chunk of data was leaked in 2014, under the name Heartbleed, it became quite the news. A lot of Google email addresses were breached in that leak and it is still remembered as a big one. However, now it seems like Sony might be facing something similar.

It seems like there has been a major data breach and Sony’s workers have been caught in the middle of it. At first, it did not seem like it was a big deal but now the company has confirmed that there was indeed a major breach. It is quite a serious concern because the data is even being sold online!

Sony and a data breach
Image Source: secsign.com

Sony and the Breach

While the title here sounds like a film title, it is quite dire matter that is at hand. While the attack occurred on May 28th, it was until now that the level of breach was confirmed. Personal information and details about their current and former employees has been leaked Sony said that the hackers who carried this attack leveraged a flaw in the MOVEit managed file transfer software to steal sensitive personal information belonging to them, and their family members.

While Sony did discover unauthorized downloads taking place and they took the platform offline, it was too late to stop much. Where they thought only a handful of individuals had been affected, the real number was much greater. More than six thousand employees had their information leaked. The fact that the information was later found to be on sale on various platforms on the dark web confirmed that Sony had not negotiated with the hackers.

data breach and sony leak
Image Source: transparityinsurance.com

Keeping Data Secure

How does it play in Sony’s court, knowing they have not done any negotiation with the hackers to obtain back the stolen information? The data was stolen and being sold by a Russian financially motivated ransomware actor known as Cl0p.

Cl0p breaching MOVEit MFT is being regarded as one of the biggest cyber mess-ups of all time. They let all of this happen right from underneath their watch. To think that MOVEit is a tool that is used by quite a lot of organizations worldwide. If it was used as an exploit against Sony, what other companies could be in trouble? Internet Security is no joke, it must always be treated as high priority.

Stay tuned for more from Brandsynario!