Sony is once again facing a potential security breach, this time by a ransomware group claiming to have hacked into PlayStation systems. The group, known as LAPSUS$, announced the alleged hack on their dark website on Sunday. While details remain scarce, this could have major implications for PlayStation users if true.
According to the ransomware group, they have breached all Sony systems and stolen valuable data, including source code for games and firmware. As “proof,” they have shared some screenshots of what appears to be an internal login page, PowerPoint presentation, and file directory.
However, cybersecurity experts say this information is not very compelling. “None of it is particularly compelling information on the face of things,” said Cyber Security Connect. They believe LAPSUS$ may be exaggerating the extent of their hack.
At this time, based on the limited data, it’s incredibly hard to determine the scope or how credible the boasts from the hackers are. PlayStation’s online services do not appear to have been impacted so far, with no word if user data is at risk.
This is not the first time Sony’s systems have been targeted. In 2011, the PlayStation Network suffered a major breach that exposed 77 million users’ personal information. Sony ended up shutting PSN down for nearly a month to overhaul security.
More recently, in 2014, Sony Pictures fell victim to a devastating hack by North Korea in retaliation for the film The Interview. Terabytes of sensitive data, including upcoming movie scripts and employees’ personal and medical information, were leaked. Time will tell if Sony can recover their systems yet again from a major cyberattack. But PlayStation users may need to brace themselves for potential impacts.
If LAPSUS$’ claims are true, this breach could have similar consequences. Important source code and intellectual property could be at risk of leaking. There is also potential for significant disruption of PlayStation Network services. As with any hacks, we advise users to preemptively change any passwords that may also used on any PlayStation service to avoid any issues with other online accounts.
CGMagazine has reached out for comment, but at the time of writing, Sony has not officially confirmed or denied the scope of the breach; we will update the story if the situation changes.
