In a concerning turn of events, Sony's acclaimed Insomniac Games, known for its success with Marvel's Spider-Man 2, is now grappling with the aftermath of a potential ransomware attack. This incident thrusts the studio into the growing trend of cyber threats targeting the gaming industry, raising alarms about the vulnerability of even the most successful game developers.
Rhysida ransomware's move: Selling stolen data
Sony is actively investigating claims made by the Rhysida ransomware group, alleging that they have stolen sensitive data from Insomniac Games. This includes personal information related to Yuri Lowenthal, the voice actor who portrayed Peter Parker in Spider-Man 2. Australian news outlet Cyber Daily reported today that the group had posted some of this data as proof of the hack. The cybercriminals are currently auctioning the full set of stolen data for approximately $2 million in bitcoin.
The gaming landscape has recently seen a surge in cyber attacks against major studios. High-profile cases include attacks on Bandai Namco, CD Projekt Red, and Riot Games. Even industry giants like Rockstar Games have not been immune, with hackers prematurely unveiling content for the highly anticipated Grand Theft Auto 6, a full year ahead of its official release. Now, Insomniac Games appears to be the latest victim in this string of cyber-attacks, with reports indicating an assault by the notorious Rhysida ransomware group.
Notorious ransomware group Rhysida has reportedly hacked Insomniac Games, giving the studio 7 days to pay them $2M, or they'll leak everything. pic.twitter.com/xgwRAjhPts
— GameSpot (@GameSpot) December 12, 2023
According to sources at Cyber Daily, the Rhysida group claims to have accessed a wealth of sensitive information. This purported breach includes internal emails, confidential studio documents, passport details of employees, and personal records of Yuri Lowenthal, the renowned voice actor for Spider-Man. Additionally, the leaked data is said to contain insights into Insomniac's upcoming Wolverine game, showcasing character art and potential appearances of various Marvel figures in the title.
The Rhysida group has issued an ultimatum, demanding an undisclosed ransom from Insomniac Games within a seven-day deadline. In a bold and concerning development, the cybercriminals are conducting a public auction for the stolen data, with bidding starting at 50 bitcoins – an amount exceeding $2 million. Their statement explicitly warns that the data will be sold to only one buyer, strictly prohibiting any form of resale.
Sony's ongoing Cybersecurity challenges
In response to this situation, a statement published by Eurogamer revealed that Sony is “aware of reports” of the cyberattack at Insomniac Games. They also confirmed that there is currently no reason to believe that any other Sony divisions have been affected by this breach. This attack is not Sony's first encounter with cybersecurity issues this year. Eurogamer noted that Sony Interactive Entertainment recently notified about 6,800 employees affected by a breach in May, part of the widespread MOVEit hacks impacting various companies and governments.
The US Department of Justice and Cybersecurity & Infrastructure Security Agency co-authored a cybersecurity alert last month, specifically addressing the threat posed by the Rhysida group. The alert emphasized that the hacks of enterprise systems by Rhysida are notable due to the lack of Multi-Factor Authentication (MFA) enabled by default in many organizations. Similarly, the information security wing of the US Health and Human Services Department, in an August alert, noted that Rhysida characterizes itself as a “cybersecurity team” in its ransomware notes, primarily targeting educational services providers.
As of this report, there has been no official response from either Sony or Insomniac Games, leaving the gaming community and industry insiders in suspense regarding the fate of the studio's sensitive data. The gravity of this situation is underscored by the recent commercial success of Spider-Man 2, which achieved over 5 million sales within weeks of its launch.
The implications of this attack extend beyond the immediate financial and reputational damage to Insomniac Games. They resonate throughout the gaming industry, serving as a cautionary tale about the importance of robust cybersecurity measures. As the deadline set by the Rhysida group approaches, the pressure mounts on Insomniac Games to navigate this cyber crisis effectively. The outcome of this situation will undoubtedly have far-reaching consequences, potentially shaping cybersecurity strategies in the gaming industry for years to come.
Follow Us
Subscribe