A ransomware group is claiming to have stolen data from Sony and is offering to sell it after the company refuses to pay. While the attack has not been verified, it is reported that the group is known to have stolen data from other victims in the past, and has provided apparent proof that the hack took place.
Sony is yet to respond to these reports, although if the group’s account of the situation is accurate, then it isn’t negotiating with the company any longer. Instead, it says that it has “data for sale”, but it’s not clear if this pertains to business information, users’ personal details, or both.
As reported by VGC, the apparent hack was first documented by Cyber Security Connect. They describe the ransomware group, Ransomed.vc, as a newcomer on the scene, but one that already boasts an “impressive amount of victims”.
“We have successfully compromissed all of sony systems [sic],” reads a post on the group’s website. “We wont ransom them! we will sell the data. due to sony not wanting to pay. DATA IS FOR SALE […] WE ARE SELLING IT.”
Cyber Security Connect expresses doubts that Ransomed.vc has managed to gain access to “all” Sony files as it claims, citing the relatively small file sizes they are advertising. Still, if any information on Sony’s business plans, or worse, PlayStation users’ accounts were to be made public, it would have wide-reaching ramifications for the company.
This behaviour seems to be quite a departure from Ransomed.vc’s previous acts, which were documented by Flashpoint in August. Here, it was reported that the group operated by hacking companies in a bid to find breaches of data protection laws like GDPR. Then, it was said that they would blackmail the companies, threatening to report the breach to regulators if they didn’t pay up. However, with Sony, the group is not negotiating and is offering to release the information to anyone who pays for it.
Still, Ransomed.vc tries to legitimise itself with references to GDPR, even as it is potentially poised to leak private information on users if that is indeed what it has gained access to.
“We offer a secure solution for addressing data security vulnerabilities within companies,” reads the group’s description of itself. “As penetration testers, we seek compensation for our professional services. Our operations are conducted in strict compliance with GDPR and Data Privacy Laws. In cases where payment is not received, we are obligated to report a Data Privacy Law violation to the GDPR agency!”
None of the data has been made public yet, and it remains to be seen if Ransomed.vc was able to gain access to Sony at all.