Sony has confirmed that it was the victim of a data breach that impacted thousands of its current and former employees in the U.S.
The breach occurred in May 2023, and the stolen data included names, Social Security numbers, and other personal identifiers.
Clop ransomware gang added Sony Group to its list of victims in late June. However, the firm did not provide a public statement until now.
CL0P #ransomware group added Sony Group (https://t.co/gWitcpMi4s), a Japanese multinational conglomerate corporation to their victim list. #Japan @SonyGroupGlobal#clop #darkweb #databreach #cyberrisk https://t.co/K61asq3o3E pic.twitter.com/JOnfhSdaPF
— FalconFeedsio (@FalconFeedsio) June 22, 2023
The breach was caused by a vulnerability in the MOVEit Transfer platform, which is used to transfer files securely. Sony says that it has patched the vulnerability and is working with law enforcement to investigate the incident.
The company sent the data breach notification to about 6,800 individuals
