Sony and PlayStation confirm data breach, is your personal data at risk?

The hacker group Ransomed.vc recently claimed responsibility for an alleged attack on Sony's systems. After an investigation, the company in charge of PlayStation finally confirmed that a third party did indeed breach its systems and steal the information of thousands of people.

Through a statement, Sony informed that the attack was carried out on MOVEit, a data transfer platform used by Sony Interactive Entertainment (SIE) employees. The hackers exploited a vulnerability to access personal information of 6791 workers and former employees. The attack did not breach other systems or other platforms of the company, according to the report.

How did the cyber attack on Sony happen?

According to the details, Progress Software, the company in charge of the MOVEit platform, found a vulnerability last May 31. So it notified Sony about the risks; however, the attackers had already acted 3 days before.

Due to this flaw, hackers were able to enter Sony's systems and steal the information of thousands of employees. The company became aware of the third-party movements on June 2 and instantly took the platform offline to fix the vulnerability.

Subsequently, it sought the help of cybersecurity experts to initiate an investigation. It also contacted the relevant authorities to follow up on the case.

"Once SIE identified the downloaded files, we began a process to determine what types of personal information were affected and to whom it relates. While we worked quickly, this was a time-consuming process, and we wanted to provide you accurate informatio," the company said.

Is your personal data at risk from the Sony cyber attack?

We know that Sony is currently working to contact all those affected by the hack. That is, with its current and former employees. A company spokesperson pointed out that the data of its customers and business partners were not affected, as they were not stored on the platform that was targeted by the attack.

Finally, the company confirmed that it will offer free services to those who were victims of the hacking. In this way, they will receive protection related to fraud and identity theft.