December 7, 2023

Sony has confirmed that it suffered a knowledge breach, impacting 1000’s of present and former workers’ private information.

In line with BleepingComputer, Sony Interactive Leisure despatched a discover to each present and former workers to tell them {that a} information breach compromised their data.

We’re writing to you as we consider you’re a former worker of Sony Interactive Leisure (“SIE”) or are a member of the family of a present or former worker of SIE. We need to give you details about a cybersecurity occasion associated to one in every of our IT distributors, Progress Software program, that concerned a few of your private data. This occasion was restricted to Progress Software program’s MOVEit Switch platform and didn’t affect any of our different techniques. Please learn this discover fastidiously, because it gives data on what occurred and what we’re doing, in addition to data on how one can acquire complimentary credit score monitoring and identification restoration providers

Sony says the breach was the results of a MOVEit vulnerability.

On Might 31, 2023, Progress Software program introduced a newly found vulnerability in its MOVEit file switch platform, which is utilized by SIE and 1000’s of different enterprises world wide. On Might 28, 2023, earlier than Progress Software program introduced the vulnerability and we turned conscious of it, an unauthorized actor used the vulnerability to obtain some SIE recordsdata saved on our MOVEit platform. On June 2, 2023, SIE found the unauthorized downloads, instantly took the platform offline and remediated the vulnerability. An investigation was then launched with help from exterior cybersecurity consultants. We additionally notified legislation enforcement

The corporate is aware of what information was accessed, however that data is censored within the publicly obtainable copy of the discover.