Hackers share over 1.6 terabytes of Insomniac data, including employee personal information
2% of published files reportedly flogged to online bidders
After threatening to do so last week, ransomware group Rhysida have published well over a terabyte of stolen Insomniac Games data, with files ranging from personal information about Insomniac employees to details of forthcoming videogame projects, such as the already-announced Wolverine.
As reported by Cyberdaily, the leak totals 1.3 million files and represents 98% of the data Rhysida obtained from the Spider-Man and Ratchet & Clank studio. According to Rhysida themselves, the remaining 2% of the files have been flogged to an unnamed seller or sellers on the dark web.
The hacked info is said to span HR and Slack correspondence, passport information, Zoom conference materials, employment documents, and the contents of several individual employee PCs. It's a colossal breach of privacy, one of the largest in the industry's history.
There's also apparently info on several future Insomniac collaborations and games based on the developer's own IP, together with Sony financial and planning documents. In particular, the leak appears to contain a vast amount of data relating to Insomniac's Wolverine game, including a plot outline, in-development footage and the voice acting cast. Be careful when googling the latter, as there are now plentiful spoilers in the wild.
As reported by the Guardian in November, Rhysida are the latter-day incarnation of a criminal operation called Gold Victor, who were established in 2021. The group’s other targets include the British Library, government institutions in Portugal, Chile and Kuwait, and the US hospital group Prospect Medical Holdings. According to US government agencies, Rhysida members have offered "ransomware-as-a-service" to other criminal organisations, leasing out tools and infrastructure under a profit-sharing model, with ransom cash shared between Rhysida and affiliates.
When Rhysida made their original announcement, Sony commented that they were "investigating this situation" and had "no reason to believe that any other SIE or Sony divisions have been impacted". I've asked for an update about Rhysida's latest movements. Thanks, VGC.