Pierluigi Paganini September 26, 2023

Sony launched an investigation into an alleged data breach after the RansomedVC group claimed the hack of the company.

Sony announced it is investigating allegations of a data breach after the RansomedVC extortion group claimed to have hacked the company and added the company to its Tor leak site.

“We are currently investigating the situation, and we have no further comment at this time.” Sony said.

The ransomware group published some files as proof of the hack, but it is unclear if the threat actors were able to compromise all the company’s systems.

The RansomedVC group doesn’t deploy any ransomware on the victim’s networks.

“We have successfully compromissed all of sony systems. We wont ransom them! we will sell the data. due to sony not wanting to pay. DATA IS FOR SALE” reads the message published by the extortion group on the leak site.

RansomedVC told BleepingComputer that it has stolen 260 GB of data from Sony’s networks and they are attempting to sell stolen data for $2.5 million.

While RansomedVC claims the hack, another threat actor that goes online with the moniker ‘MajorNelson’ also claims responsibility for the attack and says RansomVC is lying.

“You journalists believe the ransomware crew for lies. Far too gullible, you should be ashamed,” reads the post published by MajorNelson on BreachForums. “RansomedVCs are scammers who are just trying to scam you and chase influence. Enjoy the leak.”

MajorNelson leaked a compressed archive of 2.4 GB in size which contains “A lot of credentials for internal systems,” and data related to

• SonarQube
• Creators Cloud
• Sony’s certificates
• A device emulator for generating licenses
• qasop security
• Incident response policies
• and more.

For more information on the alleged hack, stay tuned …

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Sony)