You’d think that developing Spider-Man games might keep the ransomware criminals at bay, but no.
As reported by Cyber Daily, Insomniac Games, the team behind the Spider-Man and Spider-Man 2 games for PS4 and PS5 appears to have suffered a ransomware attack, being hit by the Rhysida group.
Rhysida has released a screenshots showing a limited subset of material including screenshots from Insomniac’s upcoming game that it is developing based around Marvel’s Wolverine.
The Rhysida Ransomware leak also includes personal data including passport scans of current and ex-Insomniac employees as well as personal data relating to Insomniac’s Peter Parker voice actor, Yuri Lowenthal. The kind of data, in other words, that any business would want to keep private to itself under any circumstances. It’s quite standard for groups like this to release sample data from a set to prove that they have had access, as we saw with the Medibank leak, for example.
Rhysida’s TOR site claims to have compromised more than 60 businesses since its debut in May this year, so in many ways Insomniac is just one amongst many — but clearly too many. The Rhysida ransomware group has clearly been pretty busy of late, being linked to attacks on the British Library and King Edward VII hospital in London amongst others.
According to the report, the Rhysida group is giving Insomniac a week to respond before it will sell the data to the highest bidder. Rhysida only takes bitcoin for its ransomware payments, with a current asking price converting out to just over US$40,000.
“Open your wallets and be ready to buy exclusive data. We sell only to one hand, no reselling, you will be the only owner!” Rhysida apparently claims on its auction site.
Because if you can’t trust cybercriminals to honour a deal, who can you trust?