What just happened? A trove of stolen data originating from a hack on developer Insomniac Games has been released online, revealing footage of the upcoming Wolverine game, sensitive documents, and the company's release schedule over the next 12 years.
On December 12, a ransomware gang called Rhysida posted what appeared to be limited evidence supporting its claim that it had hacked Insomniac Games, maker of the Ratchet & Clank and Marvel's Spider-Man series. Rhysida was offering to sell the data for 50 Bitcoins, or around $2 million.
Cyber Daily reports that with the ransom deadline now having passed, Rhysida has posted the data to its darknet leak site. A total of 1.67 terabytes were uploaded, containing more than 1.3 million files. It appears that someone bought a portion of the stolen data, as 98% of the full set was uploaded.
Much of the leak is related to the highly anticipated Wolverine game, including details about the levels, characters, locations, plot, a target release date, and gameplay/animation videos – a lot of the clips are being shared across X. The stolen data is even said to include a bootable build of Wolverine.
Hackers hacked Insomniac Games and leaked 1 terabyte of data for refusing to pay a ransom; inside there was a lot of interesting stuff: from early gameplay of the new game about Wolverine, to concept art and plot. pic.twitter.com/qcTa6ANzoK
– Trend Trackers Hub (@samilitary) December 19, 2023
Rhysida has also revealed personal employee information, details on unannounced Insomniac and Sony games, budgets, deals, and screenshots of internal spreadsheets. The data covers Insomniac's planned releases stretching through to 2035, including future Spider-Man and Ratchet & Clank games, a new intellectual property, and a series of X-Men games. There are also plans for online titles featuring Wolverine, Spider-Man, and the X-Men.
In a statement attributed to Rhysida, a group spokesperson said, "Yes, we knew who we were attacking. We knew that developers making games like this would be an easy target. We were able to get the domain administrator within 20 – 25 minutes of hacking the network. Sony has launched an investigation, but it would be better in the backyard." They also confirmed that money was the only motive for the attack.
The data dump appears to be even worse than the infamous GTA VI leak that took place in September 2022. The people behind that incident were revealed to be two UK teenagers, one of whom was declared unfit to stand trial in July 2023.
Rhysida has been behind hacks on the British Library, healthcare companies, and possibly government organizations this year. The group was the subject in a joint cybersecurity advisory that highlighted how it attacks "targets of opportunity," often using VPNs to connect to internal networks from the outside, usually due to organizations not enabling MFA by default.