Sony confirms data breach impacting thousands in the US

pMicrosoft fixes critical Azure CLI flaw that leaked credentials in logsppLockBit ransomware exploits Citrix Bleed in attacks 10K servers exposedppMicrosoft November 2023 Patch Tuesday fixes 5 zerodays 58 flawsppEthereum feature abused to steal 60 million from 99K victimsppIPStorm botnet with 23000 proxies for malicious traffic dismantledppWP Fastest Cache plugin bug exposes 600K WordPress sites to attacksppNew Reptar CPU flaw impacts Intel desktop and server systemsppVMware discloses critical VCD Appliance auth bypass with no patchppQualys BrowserCheckppSTOPDecrypterppAuroraDecrypterppFilesLockerDecrypterppAdwCleanerppComboFixppRKillppJunkware Removal ToolppBest VPNsppHow to change IP addressppAccess the dark web safelyppBest VPN for YouTubeppRemove the Theonlinesearchcom Search RedirectppRemove the Smartwebfindercom Search RedirectppHow to remove the PBlock adware browser extensionppRemove the Toksearchesxyz Search RedirectppRemove Security Tool and SecurityTool Uninstall GuideppHow to Remove WinFixer Virtumonde Msevents TrojanvundoppHow to remove Antivirus 2009 Uninstall InstructionsppHow to remove Google Redirects or the TDSS TDL3 or Alureon rootkit using TDSSKillerppLocky Ransomware Information Help Guide and FAQppCryptoLocker Ransomware Information Guide and FAQppCryptorBit and HowDecrypt Information Guide and FAQppCryptoDefense and HowDecrypt Ransomware Information Guide and FAQppHow to enable Kernelmode Hardwareenforced Stack Protection in Windows 11ppHow to use the Windows Registry EditorppHow to backup and restore the Windows RegistryppHow to open a Windows 11 Command Prompt as AdministratorppHow to start Windows in Safe ModeppHow to remove a Trojan Virus Worm or other MalwareppHow to show hidden files in Windows 7ppHow to see hidden files in WindowsppeLearningppIT Certification CoursesppGear GadgetsppSecurityppppSony Interactive Entertainment Sony has notified current and former employees and their family members about a cybersecurity breach that exposed personal informationppThe company sent the data breach notification to about 6800 individuals confirming that the intrusion occurred after an unauthorized party exploited a zeroday vulnerability in the MOVEit Transfer platformppThe zeroday is CVE202334362 a criticalseverity SQL injection flaw that leads to remote code execution leveraged by the Clop ransomware in largescale attacks that compromised numerous organizations across the worldppClop ransomware gang added Sony Group to its list of victims in late June However the firm did not provide a public statement until nowppppAccording to the data breach notification the compromise happened on May 28 three days before Sony learned from Progress Software the MOVEit vendor about the flaw but it was discovered in early JuneppOn June 2 2023 we discovered the unauthorized downloads immediately took the platform offline and remediated the vulnerability reads the noticeppAn investigation was then launched with assistance from external cybersecurity experts We also notified law enforcement Sony says in the data breach notificationppSony says the incident was limited to the particular software platform and had no impact on any of its other systemsppStill sensitive information belonging to 6791 people in the US was compromised The firm has individually determined the exposed details and listed them in each individual letter but it is censored in the notification sample submitted to the Office of the Maine Attorney GeneralppThe notification recipients are now offered credit monitoring and identity restoration services through Equifax which they can access by using their unique code until February 29 2024ppLate last month following allegations on hacking forums that Sony had been breached again and 314 GB of data had been stolen from the companys systems the firm responded by saying it was investigating the claimsppThe leaked dataset that at least two separate threat actors held contained details for the SonarQube platform certificates Creators Cloud incident response policies a device emulator for generating licenses and moreppA Sony spokesperson shared with BleepingComputer the statement below which confirms a limited security breachppSony has been investigating recent public claims of a security incident at Sony We are working with thirdparty forensics experts and have identified activity on a single server located in Japan used for internal testing for the Entertainment Technology and Services ETS businessppSony has taken this server offline while the investigation is ongoing There is currently no indication that customer or business partner data was stored on the affected server or that any other Sony systems were affected There has been no adverse impact on Sonys operationsppThis confirms that Sony has suffered two security breaches in the past four monthsppMaine govt notifies 13 million people of MOVEit data breachppBORN Ontario child registry data breach affects 34 million peopleppKyocera AVX says ransomware attack impacted 39000 individualsppMicrosoft SysAid zeroday flaw exploited in Clop ransomware attacksppTransForm says ransomware data breach affects 267000 patientsppIm amazed Ok not really ppAh Sony the digital realms rerun of a show weve seen before Clop ransomware took the stage Sony followed with a delayed bow and the audience Well they got credit monitoring as a parting gift Its the same old script just a different day Encore anyoneppNot a member yet Register NowppIsrael warns of BiBi wiper attacks targeting Linux and WindowsppMicrosoft November 2023 Patch Tuesday fixes 5 zerodays 58 flawsppMalwarebytes AntiMalwareppWindows Repair All In OneppMcAfee Consumer Products Removal toolppAdwCleanerppEverything Desktop SearchppTerms of Use Privacy Policy Ethics Statement Affiliate DisclosureppCopyright 2003 2023 Bleeping Computer LLC All Rights ReservedppNot a member yet Register NowppRead our posting guidelinese to learn what content is prohibitedp