Sony confirms data breach impacting thousands in the U.S.

Breach Notification:

* Sony Interactive Entertainment (SIE) has informed approximately 6,800 individuals about a data breach.
* Personal information of current and former employees and their families has been exposed.

How the breach occured:

* The breach was executed via a zero-day vulnerability, CVE-2023-34362.
* A critical-severity SQL injection flaw in the MOVEit Transfer platform was exploited.
* This flaw enables remote code execution and has been widely utilized by the Clop ransomware group in large-scale global attacks.

Timeline of …

breach breach notification critical current cve cve-2023-34362 cybersecurity data data breach employees entertainment exposed flaw information injection injection flaw notification personal personal information severity sie sony sql sql injection vulnerability zero-day zero-day vulnerability