Sony is looking into allegations of a cyberattack this week as multiple hackers have come forward to assert responsibility for the alleged breach.
Initially, a group named RansomedVC claimed responsibility for the attack on Sony's systems. However, another threat actor has emerged, claiming to be the actual attackers and disputing RansomedVC's assertions.
Up to this point, hacker forums have seen the release of more than 3.14 GB of uncompressed data purportedly associated with Sony.
Sony Launches Investigation Following 3.14 GB Data Leak
This week, an individual or group operating under the alias RansomedVC asserted responsibility for a breach of SONY.com, announcing the sale of its "data and access."
"We have effectively breached all of Sony's systems," declared a message posted on RansomedVC's onion leak site. "We won't demand a ransom; instead, we will sell the data because Sony has refused to comply."
RansomedVC asserted that it had infiltrated Sony's networks and acquired 260 GB of data in the course of the attack, which they are now seeking to sell for $2.5 million.
It's worth noting that despite its name, RansomedVC is not a ransomware outfit; they informed us that they are still in the process of developing an encryption tool.
A spokesperson from Sony Group Corporation responded, saying, "We are currently looking into the situation, and at this time, we have no further comments."
However, the situation has become convoluted, as another threat actor known as 'MajorNelson' has also laid claim to the attack and contradicted RansomedVC's assertions.
"Journalists, you seem overly trusting of the ransomware group's claims. Your gullibility is rather disappointing," remarked the threat actor MajorNelson on BreachForums. He was critiquing recent news reports that had accepted the attack as fact without verifying it and had credited RansomedVC.
"RansomedVCs are merely fraudsters attempting to deceive you and gain influence. Enjoy the data leak."
Instead of releasing a limited sample, MajorNelson has chosen to "freely leak" a 2.4 GB compressed archive, purportedly containing 3.14 GB of uncompressed data from Sony.
According to the threat actor, the dump includes:
- Numerous credentials for internal systems.
- Files associated with:
- SonarQube
- Creators Cloud
- Sony's certificates
- A device emulator for generating licenses
- qasop security
- Incident response policies
- And more.
Although the shared data appears to be linked to Sony, independent verification of either threat actor's claims by BleepingComputer remains unverified.
Before these recent allegations, Sony's most prominent encounter with a cyber attack occurred in 2014 when North Korean hackers breached Sony Pictures in an attempt to censor the release of the film, "The Interview."
