Sony confirms security breaches, notifying 6,800 employees of data exposure

Sony Interactive Entertainment has issued a warning to 6,800 current and former employees that their data may have been collected by hackers.

Sony confirms multiple security breaches, with one occurring in May and another in September, leading to the exposure of employee data. The breaches are related to vulnerabilities in the MOVEit Transfer platform used by SIE. Progress Software, the creator of MOVEit Transfer, had notified its clients, including Sony, of the vulnerability in May.

Sony discovered the May breach on May 28th when hackers downloaded data off the server, including personally identifiable information of US-based employees. Sony is providing credit monitoring services to those affected and has since fixed the vulnerability.

Another breach in September involved a server located in Japan, used for internal testing in Sony's Entertainment, Technology, and Services business. Although hackers leaked files from this incident, Sony states it had "no adverse impact on Sony's operations."