Sony Interactive Entertainment recently sent emails to current and former employees and their families to inform them of relevant matters related to the leakage of personal information. Sony said in the announcement that it had emailed 6,791 Americans and invited them to confirm their identity and restore service through Equifax by February 29, 2024.
Sony stated that the intrusion was initiated by attackers through a zero-day vulnerability in the MOVEit Transfer platform. The vulnerability tracking number is CVE-2023-34362, which is a high-risk SQL injection vulnerability that can remotely execute arbitrary code.
It was reported in July this year that the Clop ransomware group used this vulnerability to launch large-scale attacks, endangering brands such as the cosmetics brand Estee Lauder.
The Clop ransomware group launched the intrusion on May 28 this year. Sony discovered the attack three days later, in early June, and discovered unauthorized downloads. Sony subsequently temporarily disconnected the Internet and fixed the related vulnerabilities.
