SUMMARY
- Insomniac Studio was hit by Rhysida in a major hacking attack that left Insomniac exposed and the hacker group made off with a lot of the company data. The data was released online after Rhysida didn't manage to get a potential buyer.
- The hack targeted Insomniac's Wolverine in full force, resulting in leaks of gameplay footage, timeline of release, mechanics, etc.
Just a week after a ransomware group Rhysida publicized that they have successfully hacked into Insomniac Games and stolen important information, the ransomware group has published over 1.3 million such files online. These files published online are available for anyone to grab.
Addressing the threat a week ago, Sony reportedly said, “We are aware of reports that Insomniac Games has been the victim of a cyber security attack. We are currently investigating this situation. We have no reason to believe that any other SIE or Sony divisions have been impacted.”
The group was allegedly using 50 bitcoin, or $2 million, in an auction posted on its website in exchange for Insomniac‘s data.
Insomniac data leaked
The leak took place on Monday night after the group stated that no buyer was ready to pay the $2 million asking price to buy the data. In total, the data comes in at nearly 1.7 terabytes in size.
When asked about the leaked data, Insomniac Games told Cyber Daily that the ransomware group had intentionally targetted the company and that it “knew developers making games like this were an easy target”. They also added that the group did not make much effort to get into the studio’s network for the data.
What data from Insomniac Games’ was leaked?
Reports suggest that a lot of the company’s information was leaked by Rhysida, including several future projects of the company. The leaked data from the Insomniac hack includes information ranging from game release dates and spoilers for the upcoming Wolverine game to sensitive employee information.
As initially reported by Cyber Daily, the leak involves sensitive information including internal employee HR documents, tax information, internal company messages, computer information, termination forms, and even passport details of the studio’s employees. Sources who have managed to get access to some of the leaked information confirm that much of the reported information is within the files.
All future Insomniac projects
byu/OrangeC-2003 inGamingLeaksAndRumours
The leaks included a signed contract between Sony and Marvel. The contract was regarding the development and publishing of X-Men games. This series of games would begin with the launch of the Wolverine title. The contract is reportedly signed by both Sony’s Jim Ryan and Marvel’s Isaac Perlmutter and states it is in effect from July 2021. Under the agreement, a total of three X-Men games are covered.
The leaks also revealed the following projects along with the release windows that Insomniac was looking at:
- Marvel’s Venom in Fall 2025
- Marvel’s Wolverine in Fall 2026
- Marvel’s Spider-Man 3 in Fall 2028
- New Ratchet & Clank in Fall 2029
- Marvel’s X-Men in Fall 2030
Notably as seen in the leaked data, Marvel’s Venom was on cards in 2025. However, after the release of Marvel’s Spider-Man 2 this year, when asked about a Venom spin-off or game, the developers responded saying they are open to the idea. Additionally, the leaked data also reveals that Insomniac was aiming at releasing a new (intellectual property) IP in 2031 or 2032.
Rhysida isn’t new to such privacy breaches and data leaks. In November, the United States Federal Bureau of Investigations and Cybersecurity and Infrastructure Security Agency issued a warning about the group. They have in the past claimed responsibility for healthcare company attacks as well as the recent British Library hack.