Sony Data Breached, Impacting 6,700 Current, Former Employees

Sony was the target of a data breach affecting the personal data of more than 6,700 current and former employees.

In a letter to employees, Sony said on May 31, Progress Software announced it discovered a vulnerability in its Moveit file transfer program used by Sony Interactive Entertainment (SIE) and thousands of others. 

Two days before the Progress Software announcement, Sony said it discovered an “unauthorized actor used the vulnerability to download some SIE files stored on our Moveit platform.” 

The unauthorized downloads were discovered on June 2, at which point Sony took the platform offline to fix the issue, launched an investigation and notified law enforcement. 

Sony said the attack was limited to the Moveit transfer platform and did not impact any other company systems. 

Employees were notified in a letter dated Oct. 3 in which the company said it immediately began fixing the issue and increased system monitoring, as well as taking steps to reduce the risk of it happening again. Sony offered employees complimentary credit monitoring and identity restoration services. 

Like what you've read? For more stories like this on cybersecurity and emerging technologies, sign up for our free daily email newsletter to stay updated!