In a recent cyberattack, renowned game developer Insomniac Games fell victim to a ransomware attack that has sent shockwaves through the gaming industry. Hackers targeted the company, threatening to auction off stolen data if a $2 million Bitcoin ransom was not paid to them.
The attack has exposed a staggering 1.67 terabytes of data, making it one of the largest data leaks in gaming history. Here, we provide a detailed account of the incident, its implications, and the ongoing investigation.
The ransomware attack
Last week, a malicious ransomware group, identified as Rhysida, infiltrated Insomniac Games’ network and seized control of sensitive information. In a daring act, the hackers demanded a ransom of $2 million in Bitcoin from Sony, Insomniac’s parent company.
If their demands were unmet, the group threatened to auction off the stolen data to the highest bidder.
As the deadline for the ransom payment passed, Rhysida took drastic measures. They made a staggering 1.67 terabytes of data public, affecting not only Insomniac Games but also raising concerns about the privacy and security of the employees whose personal information was compromised.
The exposed data includes many sensitive documents, such as internal emails, Slack screenshots, HR records, passport scans, and a publishing agreement with Marvel.
Implications for insomniac games
The leaked data extends beyond sensitive internal documents. Intriguingly, it contains information about the highly anticipated Wolverine game, including plot details and gameplay footage.
This revelation has sent shockwaves through the gaming community, leaving fans excited and concerned about potential spoilers for the upcoming release. Additionally, Insomniac’s long-term plans in the gaming industry, with a slate of games scheduled until 2032, have also been exposed.
Rhysida, the group behind the attack, shed light on their motive. They claimed Insomniac Games was deliberately chosen because “developers making games like this would be an easy target.”
Their primary goal appeared to be financial gain, evident by their immediate auction of the stolen data, which commenced at 50 Bitcoins (approximately $2 million). Interestingly, Sony was invited to participate in the auction, but whether they chose to do so remains unclear.
Extent of data disclosure
Although 98 percent of the stolen data has been made public, there are indications that a small portion (approximately two percent) may have been sold to an undisclosed buyer.
The nature of this sold data remains uncertain, raising questions about the security and privacy of those potentially affected.
Rhysida claimed that hacking into Insomniac’s network was a relatively straightforward task. They reported gaining control of the domain administrator within 20 to 25 minutes of infiltrating the network.
This revelation underscores the pressing need for enhanced cybersecurity measures across the gaming industry.
Investigation and Sony’s response
In response to the cyberattack, Sony initiated an investigation into the breach. However, no significant developments have been made public thus far. The company has also refrained from commenting on the recent data leak.
