The Rhysida Ransomware group loudly claims this attack. On December 12, the hackers revealed that they had in their possession a very large amount of confidential information belonging to Insomniac and Sony. Their requirement: to have payment of the sum of 50 bitcoins, or nearly 2 million euros, under penalty of disclosing the approximately 1.67 terabytes of data in their possession. Information relayed by CyberDaily.au, a site specializing in cyber-protection, which announced today that Rhysida had carried out its threats, Sony and Insomniac having refused to give in to blackmail.
Unquantifiable economic and human consequences
As a result of this, thousands of images and confidential documents concerning the next Insomniac/Sony projects were put online on the Rhysida site (site hosted on the darknet of course), then quickly distributed on sites of surface. The personal data of Insomniac employees was also thrown into the wild. For the moment, Sony’s stock price is not showing any consequences following this leak. However, at the time of writing, the Tokyo Stock Exchange is not yet open, the consequences could take place in the coming hours/days.
On the side of Rhysida, the spokesperson for the group of hackers declared to our colleagues at CyberDaily: “Yes, we knew who we were attacking. We knew game developers like this would be an easy target. We were able to reach the admin domain within 20-25 minutes of the network being hacked“. According to the latest information available to us, Sony has launched an investigation into this incident. Regarding this investigation, Rhysida’s spokesperson reacted: “Sony has launched an investigation, but it would be better if it takes place discreetly“.
For the moment, neither Sony nor Insomniac have commented on this event.