Oli Welsh is senior editor, U.K., providing news, analysis, and criticism of film, TV, and games. He has been covering the business & culture of video games for two decades.
The ransomware group that hacked Spider-Man 2 developer Insomniac Games on Dec. 12 has followed through on its threat to release the stolen data if it didn’t get paid. The group, Rhysida, has posted 1.67 terabytes of data spanning 1.3 million files on its darknet site. The data includes footage and files from Insomniac’s upcoming Wolverine game, as well as the studio’s release slate for the next 12 years, sensitive commercial and strategy documents, Slack screenshots, and personnel files.
According to Cyber Daily, which was in contact with Rhysida via email, only 98% of the full data set was uploaded, with the remaining files having been sold. Rhysida had been looking for at least 50 bitcoin, or $2 million, when it tried to auction the data.
It’s a devastating breach, perhaps even more impactful than last year’s Grand Theft Auto 6 hack. It’s certainly broader in scope. The files, which are being widely shared and discussed on sites like Reddit and Imgur, include the full plot and cast of Wolverine, as well as gameplay and animation videos, game files, and design documents for the unreleased Marvel game. But they go much further into Insomniac’s future plans and the strategy of its owner, Sony Interactive Entertainment, too.
The studio’s projected slate through 2035 is laid out in multiple presentations, including future Spider-Man and Ratchet & Clank games, a new intellectual property launch, and the apparent extension of Wolverine into an ongoing series of X-Men games. There are also plans for a suite of online games based on Insomniac’s Marvel superhero properties. (These planning documents may be out of date or subject to change.)
Elsewhere, there are details of the terms of Insomniac’s publishing agreement with Marvel, budgets and commercial plans for upcoming games, and Sony strategy documents that touch on unannounced work by other studios like Guerrilla Games and Bluepoint Games, as well as its view of the acquisition of Activision Blizzard by rival Microsoft.
The amount of Insomniac employees’ personal data that was released is less clear. Cyber Daily says that the files include some internal HR documents, screenshots from Insomniac’s internal Slack, and even the contents of several employees’ computers. It’s not been confirmed if the passport images seen in the collage of screenshots Rhysida released last week were included in the release.
Rhysida’s spokesperson told Cyber Daily the motive for the hack was purely financial. They described game developers like Insomniac as an “easy target” and the hack as fairly simple, taking the team “20-25 minutes” to get to the domain administrator.
Polygon has contacted Sony Interactive Entertainment for comment.
Rhysida is responsible for a wave of cyber attacks in 2023, including hacking the British Library, a series of healthcare companies, and, it’s believed, international government organisations. The 2022 Rockstar Games hack resulted in the arrest and conviction of two teenagers in the U.K., while an international police force arrested the hackers responsible for a similarly large-scale 2020 Capcom hack in October.
Source: Polygon