A recent data breach at Sony has exposed the personal information of the company’s employees and their family members, according to reports by BleepingComputer. The breach was confirmed by Sony and it appears that a threat actor was able to exploit a vulnerability in Progress Software’s MOVEit Transfer platform to steal the data before the flaw was disclosed in May 2023.
Sony stated that on June 2, 2023, its subsidiary Sony Interactive Entertainment discovered unauthorized downloads and immediately took the platform offline and remediated the vulnerability. An investigation was launched with the assistance of external cybersecurity experts, and law enforcement was also notified. However, the Clop ransomware gang, known for using MOVEit vulnerabilities for widespread attacks, added Sony to its list of victims in June.
Experts believe that this incident is just the beginning, with more MOVEit-related disclosures expected in the future. Dr. Martin J. Kraemer, a security awareness advocate at KnowBe4, expressed his opinion on the matter, stating that the attackers will continue to release information on the dark web as it suits their goals. He also highlighted the importance of securing supply chains, especially with the introduction of new regulations like NIS-2 in Europe, which holds executives personally liable for cybersecurity incidents.
Kraemer emphasized the need for secure software development, pointing out that the breach started with a SQL injection attack. He stated that vendors must invest in a secure software development life cycle and that security by design should be an integral part of any developer’s training.
In response to the incident, Sally Vincent, a Senior Threat Research Engineer at LogRhythm, provided advice on how organizations can mitigate the risk of data breaches. She recommended adopting a strong cybersecurity posture, including incident and response plans, preemptive identification of malicious cyber activity, and investing in proactive prevention and detection tools. Regular data backups, educational trainings, and well-formulated response protocols were also suggested as important steps to aid in future responses to cyberattacks.
As organizations continue to face increasingly sophisticated cyber threats, it is crucial for them to prioritize cybersecurity measures and stay vigilant in protecting their data and networks. The Sony data breach serves as a reminder for companies to assess their security strategies and implement robust measures to prevent, detect, and respond to potential breaches in the future.