Sony has made an unsettling appearance on the dark web victim blog maintained by the data extortion group Ransomedvc. The group asserts that they have successfully infiltrated Sony’s systems and made off with sensitive data. If this claim is verified, it would mark the second breach of Sony’s security in just a matter of months. The previous incident occurred when Sony fell victim to the MOVEit Transfer vulnerability attacks.
Read More: Tesla Optimus Robot Performs Yoga
On their blog, Ransomedvc made a startling announcement, stating that they had managed to breach all of Sony’s systems. However, they made an unexpected declaration by indicating that they had no intention of demanding a ransom from Sony.
Success of Sony Cyberattack?
According to the gang, Sony has declined to pay for the data’s release, leading them to decide to sell it instead. They have issued a threat to publish the purportedly stolen information on September 28.
As evidence of their claims, samples of the data have been posted. These samples are said to include a PowerPoint presentation from Sony’s quality assurance division, internal screenshots that appear to depict a Sony workstation, and certain Java files.
Read Also: How to Buy Facebook Views?
This reported attack on Sony follows closely on the heels of another security breach earlier this year. In that incident, the Russian ransomware group Cl0p managed to access Sony’s data as part of a broader attack that targeted businesses globally. This attack exploited a vulnerability in MOVEit Transfer, a file transfer software. The attack impacted hundreds of companies worldwide, including some prominent ones in the business world. Sony experienced data theft in June during the initial wave of these breaches.
Ransomedvc: Cheaper than a GDPR Fine?
Ransomedvc first came to the attention of cybersecurity researchers back in August. On their blog, the group boldly proclaims to be the “leading company in digital peace tax.”
Reports from security firm Flashpoint suggest that the gang’s ransom demands have varied, ranging from $54,000 to $218,000. Ransomedvc argues that their fees are less than the fines companies might face for violating Europe’s GDPR data regulations, which can amount to millions of Euros. It’s possible that the group keeps their demands relatively low as a strategic move to increase the likelihood of victims complying with their demands, as suggested by Flashpoint.
You Can Read: Best Car Production Company in the World
Some doubts have arisen regarding the credibility of certain claims made by the Ransomedvc group. According to a report from Flashpoint, Ransomedvc has identified several companies as victims who have yet to fulfill their ransom payments. Interestingly, the current status of these companies’ payments is listed as “pending,” while a previous version of the site indicated that the payments were marked as “pending/cancelled.” This has raised questions about the accuracy and legitimacy of the group’s assertions.
There are rumors circulating that suggest the gang might consist of former moderators from previously shut down data leak forums like BreachedForums. This speculation raises the possibility that the group is attempting to extort companies using data that is already in the public domain.