Sony investigating alleged ransomware attack, group threatens to sell data

Sony announced today it’s launching an investigation into a ransomware attack that allegedly occurred yesterday. It’s not disclosing the details of the investigation, save that it’s happening, but the group responsible is reportedly trying to sell the information. Given Sony’s history with data breaches, such as the one in 2011, having more data breaches would be a blow to the company.

Earlier this week, a ransomware group claimed to have breached security at Sony. The group, identified by Cyber Security Connect as a relatively new one called Ransomed.vc, said it had compromised “all of sony systems.” The group said it wouldn’t ransom the data it had collected (ironically), but said the data was for sale. Sony told IGN, “We are currently investigating the situation, and we have no further comment at this time.”

According to Cyber Security Connect, the amount of data — about 6,000 files — appears relatively small. The group have not disclosed the amount of money they’re asking for the information. It’s also listed September 28 as a “post date,” presumably the final possible purchase date before the information is published.

This is not the first time Sony has fallen victim to an outside data breach. In 2011, the PlayStation Network hack, in which 77 million accounts were compromised, took the PSN offline for weeks. It ultimately cost the company around $171 million, as well as $15 million for the class-action lawsuit users filed against Sony. The company later amended its terms of service in response to the incident.

Originally appeared on: TheSpuzz