Sony’s Insomniac hit with massive ransomware attack leaking Wolverine, employee info and more | #ransomware | #cybercrime

PlayStation-owned game developer Insomniac Games, the acclaimed studio behind the Marvel’s Spider-Man series, has suffered a major cyberattack leaking upcoming games and employees’ personal information.

Last week, ransomware group Rhysida threatened to reveal sensitive Insomniac data unless Sony paid it 50 Bitcoins (approximately $2.6 million CAD). The deadline for that ransom passed, and now, Rhysida has leaked 1.3 million internal Insomniac files totalling 1.67 terabytes of data, making this one of the most significant data breaches in gaming industry history.

As reported by Cyberdaily, the hacked info includes passport information, employee documents, HR and Slack messages, contents of several employees’ PCs and more. On top of that, Rhysida leaked a slew of files related to Insomniac’s upcoming PS5 Wolverine game, which was revealed in a cinematic trailer in 2021 but hadn’t yet had any gameplay revealed publicly.

Out of respect for the affected developers, we won’t share any of the leaks here, but suffice it to say that they are massive, covering everything from multiple snippets of Wolverine gameplay to tons of concept art and even the alleged voice cast for Wolverine, which includes some surprise Marvel characters. Rhysida’s leak also reveals Insomniac’s games roadmap spanning over a decade.

The Insomniac hack comes just two weeks after Rockstar Games was forced to release the firstGrand Theft Auto VI trailer early following a leak. That followed a more significant leak of GTA VI in 2022. Earlier this month, Rockstar developers expressed disappointment over not being able to reveal the game as intended to the community. As Xbox social media manager Josh Stein said, these kinds of leaks ruin “hours, days, weeks, nights” of planning for when and how to ultimately reveal parts of a game.

Of course, the Insomniac leak is even worse than the GTA VI one because developers were doxxed. It’s unclear exactly how many Insomniac employees of the studio’s estimated 400-plus workforce had their personal information stolen. Nonetheless, it’s saddening that even a few people were affected by this.

Sony hasn’t yet responded to the leaks, but it did comment on the ransom threat last week, telling Cyberdaily at the time that it had “no reason to believe that any other SIE or Sony divisions have been impacted.” Speaking to Cyberdaily following the release of the leaked data, Rhysida said it specifically targeted Insomniac and its sole motive was money. It also claimed that it was able to breach Insomniac within 25 minutes and that Sony should look in its “backyard” as part of its investigation into the hack.

Image credit: PlayStation

Source link

National Cyber Security