Incidents

Return of the Hack, Playstation Accounts breached again

Sony has reported that it has had a number of sign-in attempts on accounts belonging to users on its various networks. In a statement on the Sony site it was revealed that “Sony Network Entertainment International LLC and Sony Online Entertainment (SOE) have detected a large amount of unauthorized sign-in attempts on PlayStation®Network (PSN), Sony Entertainment Network (SEN) and Sony Online Entertainment (SOE) services.”

Approximately 93,000 user accounts were successfully breached, and Sony has responded by locking those accounts. Sony further explains that none of the credit card details for any of the accounts are at risk, and that “These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or sources.”

What is notable in this breach is Sony’s new candid nature in notifying the public and its users more quickly. After the companies slow response last April in responding to a breach that affected more than 70 million users, Sony likely wants to avoid the public relations disaster that ensued after its various networks and user databases were consecutively exploited at least 19 more times.

Sony will be notifying affected users about their locked accounts via email, and will require them to perform a password reset. We encourage users of the Playstation network to be careful in responding to email notifications from Sony as these types of situations provide an opportunity for scammers to collect login and password data and compromise your accounts. If you’re in any way concerned that your account may have been compromised, you should log in and change your password immediately.

Return of the Hack, Playstation Accounts breached again

Your email address will not be published.

 

Reports

Kimsuky’s GoldDragon cluster and its C2 operations

Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related entities. In early 2022, we observed this group was attacking the media and a think-tank in South Korea.

Andariel deploys DTrack and Maui ransomware

Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.

Subscribe to our weekly e-mails

The hottest research right in your inbox