Sony Corporation finds itself on the brink of a cybersecurity crisis as a relatively new ransomware group, Ransomed.vc, claims to have successfully infiltrated the tech giant's systems and is threatening to sell sensitive data. While the authenticity of the claims has yet to be confirmed, the situation is raising alarm bells in the cybersecurity community.
Ransomed.vc, which touts itself as a "ransomware-as-a-service" organization, boasts of its security prowess and adherence to data privacy laws, specifically mentioning compliance with GDPR. This unusual stance suggests that the group is determined to leverage legal threats in their extortion tactics.
Ransomed.vc Gained Access to a Substantial Amount of Sony's Internal Data
The breach was initially reported by cybersecurity publication Cyber Security Connect, which detailed the extent of the alleged hack.
According to their September 25 report Ransomed.vc appears to have gained access to a substantial amount of Sony's internal data. The proof-of-hack data provided by Ransomed.vc, while not comprehensive, includes screenshots of an internal login page, an internal PowerPoint presentation with testbench details, and multiple Java files.
Additionally, they have shared a file tree containing less than 6,000 files, a quantity that may seem surprisingly low given the magnitude of the alleged breach. Numerous sample files prominently showcase Japanese characters.
Data for Sale: Post Date September 28
In their statement, the group asserted, "We have successfully compromised all of Sony's systems. We won't ransom them! We will sell the data. Due to Sony not wanting to pay. DATA IS FOR SALE. WE ARE SELLING IT." This stance raises questions about their motives and suggests that they are determined to capitalize on their ill-gotten gains.
While the group has not disclosed a specific price for the data, they have provided contact information for Tox messaging service, Telegram, and email. Additionally, they have set a "post date" of September 28, presumably indicating their intention to release the data publicly if a buyer is not found by that time.
Ransomed.vc's Emergence
Ransomed.vc's emergence on the cybercrime scene is noteworthy, considering their brief existence, which dates back only to September. Despite their relative newness, they have managed to amass a considerable number of victims, with Sony being the latest addition to their list. In addition to their alleged breach of Sony, Ransomed.vc has also claimed that they have compromised the Japanese mobile operator, NTT Docomo, demanding a ransom payment of $1 million.
Sony, a Japanese multinational conglomerate corporation headquartered in Minato, Tokyo, Japan, boasts an extensive global presence and a diverse range of products and services. Ransomed.vc's audacious claim to have "successfully compromised all of Sony systems" has sent shockwaves through the cybersecurity industry.
The situation continues to evolve, with cybersecurity experts closely monitoring the developments. Sony has not issued an official statement regarding the incident at the time of this report, leaving many questions unanswered about the scope of the breach and the potential impact on the company, its customers, and its partners.
