The Hacker Group Ransomed.vc has announced that it has infiltrated Sony’s systems. They also threatened to sell the data they had acquired from Sony.
Although there is no confirmation of their claims, reports from Cyber Security Connect indicate that Ransomed.vc, a new player in the world of ransomware, has already affected numerous victims in a short space of time.
The group issued a statement on various online platforms, declaring, « We have taken control of all Sony systems. Instead of demanding a ransom, we will sell the data because Sony has refused to pay. The data is now for sale. »
Cyber Security Connect mentions that the group has provided some evidence of their hacking. The evidence consists of screenshots of Sony’s internal login page, a company PowerPoint presentation, a few Java files and a directory of leaked data that appears to contain fewer than 6,000 files.
Ransomed.vc has set a date, September 28, after which, if no one buys the data, they could publish it in full.
Interestingly, Ransomed.vc functions as both a ransomware group and a service provider. They claim to offer « secure solutions for corporate data security vulnerabilities » and claim to work in compliance with RGPD and data protection laws.
The group warns that if they don’t receive payment, they have a duty to report the breach to the RGPD agency. Most Ransomed.vc members are reported to be based in Ukraine and Russia.
As a reminder, in 2011 Sony’s PlayStation Network suffered a major breach, compromising around 77 million accounts. This incident had a major financial impact on Sony, costing it over $100 million.