Insomniac Games, the renowned studio behind titles like Spider-Man 2 and the Ratchet & Clank series, has reportedly fallen victim to a cyberattack orchestrated by the Rhysida hacker group, demanding a ransom of 50 Bitcoin, equivalent to over $2 million, CyberDaily revealed.
Sony, the parent company of Insomniac Games, is actively investigating the security breach. According to reports, the hackers, part of the Rhysida group, claim to have accessed sensitive data, including U.S. passport scans, personal information from W9 tax forms, and game screenshots from Insomniac’s upcoming Wolverine game based on the Marvel superhero.
The compromised personal data is believed to pertain to current or former Insomniac Games employees, who likely provided details such as social security numbers and addresses on tax forms.
The hackers have allegedly issued a one-week deadline for Insomniac Games to meet their ransom demands. In the meantime, they have initiated an auction of the stolen data, with bidding starting at 50 BTC. The cybercriminals emphasized exclusivity, stating, “We sell only to one hand, no reselling, you will be the only owner!”
Rhysida has been linked to previous cyberattacks, including breaches at the British Library and a U.K. hospital earlier this year.
Sony, while acknowledging the cyberattack on Insomniac Games, stated that there is no reason to believe other divisions within Sony Interactive Entertainment (SIE) have been affected.
The incident reflects the ongoing cybersecurity challenges faced by the gaming industry, with high-profile studios and publishers being targeted for valuable data.
In 2022, Rockstar Games experienced a similar breach, resulting in leaks from the development of Grand Theft Auto 6. Additionally, Sony itself encountered a major hack in October, allegedly orchestrated by the RansomedVC group.
The extent of the impact on individuals affected by the Insomniac Games cyberattack remains unknown at this time.