Nearly 7,000 Sony Interactive Entertainment employees are receiving personal data caution notices.
According to The Verge, Sony is sending notices to several former and current employees of the Sony Interactive Entertainment (SIE) division to warn them that their personal information has been compromised due to an attack on the server system. released last May.
According to a report by Bleeping Computer, emails were sent to approximately 6,800 affected individuals. Sony even confirmed another violation that occurred recently in September.
A ransomware group called Cl0p claimed responsibility for the breach of Sony’s servers in June. The data breach occurred through a vulnerability in the MOVEit Transfer data-sending platform that SIE was using. Sony is one of many enterprise organizations affected by attacks related to MOVEit
Progress Software, the creator of MOVEit Transfer, notified its customers (including Sony) about the vulnerability in the platform on May 31. After the warning, SIE discovered that an attack occurred on May 28 and hackers downloaded a lot of data from their servers.
The data on this server includes personally identifiable information of US-based employees, and Sony is currently providing monitoring services to those affected. At the same time, the company said it has fixed this vulnerability.
The Japanese company also opened an investigation last month into the second attack, in which hackers stole 3.14 GB of data. Sony confirmed this server is located in Japan and is used for internal testing for its entertainment, technology, and services business. The incident is currently being investigated and this server has also stopped working.
In the latest attack, hackers leaked data from the SonarQube platform, certificates, license generator, and Creators’ Cloud Sony said this incident did not hurt the company’s operations