Ransom.vc group claims breach of 'all Sony systems'

Ransomed.vc, a ransomware outfit claimed to have successfully breached the systems of Sony Group and is threatening to sell a cache of data stolen from the Japanese company.

“We have successfully compromised [sic] all of Sony systems,” the group claimed on both the clear and dark nets. “We won’t ransom them! We will sell the data. Due to Sony not wanting to pay. DATA IS FOR SALE.”

According to Cyber Security Connect, the group has posted some proof-of-hack data, although it says this is “not particularly compelling information on the face of things”.

There are screenshots of what appears to be an internal login page, a PowerPoint presentation, a few Java files, and what appears to be a file tree of the leak, which contains fewer than 6,000 items.

The organisation specified a "post date" of September 28; if no one pays for the material beyond that point, the data will be released in bulk by Ransomed.vc.

Ransomed.vc is said to be both a ransomware operator and a ransomware-as-a-service organisation.

It claims to be a “secure solution for addressing data security vulnerabilities within companies”, and also to be operating “in strict compliance with GDPR and Data Privacy Laws”.

“In cases where payment is not received, we are obligated to report a Data Privacy Law violation to the GDPR agency!” the group says.

According to reports, the majority of Ransomed.vc's members are based in Russia and Ukraine.

Sony's PlayStation Network experienced a significant breach in 2011 that exposed the personal information of almost 77 million accounts and forced the service to be offline for 23 days.

The attack initially cost Sony more than $100 million, and as a result, Sony was obliged to apologise to not only players but also developers whose game launches were delayed or whose online services were rendered inaccessible.

After finally being the target of up to 55 class action lawsuits, Sony decided to provide affected parties with compensation, including free games.

“You are the lifeblood of the company,” PlayStation‘s US boss Jack Tretton said at the time. “Without you, there is no PlayStation. I want to apologise personally. It’s you that causes us to be humbled and amazed by the support you continue to give.”

To Sony’s third-party publishing partners, Tretton said, “I know the outage has been costly. We wouldn’t be where we are without you”. 

He added, “We are committed more than ever to making sure the PlayStation experience is entertaining and secure for everybody”.