Insomniac Games confirms breach from Rhysida ransomware attack

BleepingComputer reports that Sony-owned video game developer Insomniac Games has disclosed that data from its current and former employees and independent contractors have been exfiltrated and exposed by the Rhysida ransomware operation following an attack in late November. Nearly 98% of files stolen by Rhysida have been leaked on its dark web leak site, including personal information, ID scans, and internal files, including licensing deals and contracts with Nvidia and Marvel. In breach notification letters sent to individuals impacted by the incident, Insomniac Games noted that it deferred the disclosure of affected information as it worked to analyze the data compromised by the Rhysida ransomware operation. Impacted employees have also been given additional complimentary credit monitoring and identity restoration as a result of the breach. Such a development comes months after the Rhysida ransomware gang had been reported by the FBI and Cybersecurity and Infrastructure Security Agency to be behind attacks against various industries.