Spider-Man Developer Hit by Ransomware

Spider-Man and Spider-Man 2 developer Insomniac Games has apparently been hit by a ransomware attack perpetrated by the group Rhysida. This gang is currently auctioning off alleged stolen data for a starting price of $2 million in Bitcoin.

While the Rhysida ransomware gang claims the data is “exclusive, unique, and impressive,” details regarding its specific contents and volume remain unclear. “Low-quality screenshots,” shared by the group, appear to show confidential internal emails, passport copies, personal ID cards, and images related to game assets or gameplay.

The cybercrime gang is currently offering the Burbank, California-based Insomniac a week to respond to their demands before releasing the stolen data to the highest bidder. Notably, the group only accepts Bitcoin for ransomware payments, with their current asking price exceeding US$40,000. The initial bid for the stolen data stands at 50 Bitcoin (approximately $2 million).

“With just seven days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data. Open your wallets and be ready to buy exclusive data. We sell only to one hand , no reselling, you will be the only owner,” Rhysida posted on their Dark Web blog site.

This short deadline is a tactic commonly used by ransomware actors to pressure companies into paying the ransom demand. 

Rhysida, a relatively new player on the cybercrime scene, first emerged in May 2023. The US Cybersecurity and Infrastructure Security Agency (CISA) classifies it as a threat actor targeting “targets of opportunity” across various sectors, including education, healthcare, manufacturing, information technology, and government.

This notorious threat the group has targeted nearly 50 organizations over the past 12 months, including the Chilean government and the Prospect Medical Group. The group operates a profit-based ransomware-as-a-service (RaaS) and is believed to have connections to Vice Society, a group known for its attacks on education in the US, Canada, and the UK. 

The data exposed in the Rhysida ransomware attack on Insomniac Games extends beyond game assets and confidential emails, including highly sensitive personal information like passport scans of current/former employees, private details about actor Yuri Lowenthal, the voice of Peter Parker in Insomniac’s Spider-Man games.

Screenshot from the dark web auction site of the Rhysida Ransomware group

This is precisely the data any company would strive to keep confidential under any circumstances. As witnessed with the recent Medibank leak, releasing a limited sample of stolen data is a standard practice for these groups to demonstrate their access and leverage their demands.

PlayStation Studios, Insomniac’s owner, is yet to respond to this incident. will update this post when the company releases an official statement.