Following an investigation into a ransom group’s claim that it had compromised Sony’s systems, the Japanese company has confirmed that the breach is real. It affected more than 6,000 people.
According to a report by Bleeping Computer, the intrusion took place when an unauthorized party exploited the zero-day vulnerability in the MOVEit Transfer platform.
Previously known for having been used by the ransomware called CL0P, the zero-day is identified as CVE-2023-34362. It is a critical-severity SQL injection flaw that enables remote code execution, and it has impacted many organizations across the globe.
The report goes on to state that the discovery of the breach happened on May 28, three days before Sony was made aware of the flaw by the MOVEit vendor, Progress Software. However, per the notice, the finding of the breach only started in early June.
“On June 2, 2023, [we] discovered the unauthorized downloads, immediately took the platform offline, and remediated the vulnerability.”
Although the ransomware group claimed that it had compromised many of Sony’s systems, the company denies the claim’s authenticity. It stated that the exploit was limited to the software platform.
Sensitive information belonging to 6,971 individuals in the United States was exposed because of the breach.