Sony Hit Twice: CL0P Ransomware Group Exposes Data of 7,000 U.S. Employees

Sony faces back-to-back cyberattacks, exposing data of 7,000 U.S. employees. The latest breach is by CL0P ransomware via a MOVEit software vulnerability. Sony is investigating and offering support to affected staff.

Sony, the Japanese tech giant, has confirmed not one, but two major security breaches within a span of a few months. The latest hack has exposed sensitive data of nearly 7,000 U.S.-based employees, both current and former. 

The infamous ransomware group CL0P is behind the latest breach. They took advantage of a weak spot in the MOVEit Transfer file delivery platform, a software that Sony had been using. This same platform has been a gateway for Russian hackers who have targeted organizations in both Europe and the United States. Notably, U.S. government agencies like NASA and the Department of Defense have also been using MOVEit, raising serious concerns about the software’s security features.

Sony became aware of the MOVEit vulnerability on May 31, when Progress Software, the creators of MOVEit Transfer, alerted its customers. Sony’s internal investigation revealed that the breach had occurred on May 28, and the hackers had downloaded data from the server. The compromised server stored identification information of Sony’s employees in the United States. The company has since claimed to have rectified the security lapse and is extending support to those affected.

Ransomware attacks are evolving. Groups like CL0P are not just after money; they are also keen on crippling systems and destroying vital files. Typically, these groups encrypt the victim’s computer systems and then demand a ransom for the decryption key. In Sony’s case, the company has refused to pay the ransom, leading the hackers to consider selling the stolen data directly.

Sony is also investigating another security breach from last September. This breach resulted in the theft of 3.14 GB of data, including files from platforms like SonarQube, a license generator, and Creators’ Cloud. While Sony insists that this incident had no negative impact on its operations, the group has claimed responsibility and expressed willingness to sell the data. Another group, MajorNelson, is also staking a claim to the hack, adding a layer of complexity to the situation.

Bhasker Das
Bhasker Das
Bhasker Das, with a master's in Cybersecurity, is a seasoned editor focusing on online security, privacy, and protection. When not decrypting the complexities of the cyber world, Anu indulges in his passion for chess, seeing parallels in strategy and foresight.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More from this stream