Subscribe

Trove of Sony financial data, passwords, movies leaked online

More than 40 gigabytes of Sony Pictures data have been published, and the hackers claim to have taken 100 terabytes.

  • close
    The hackers who attacked Sony Pictures' network last month have released employee social security numbers, salary data, passwords, and other information online.
    Nick Ut/AP/File
    View Caption
  • About video ads
    View Caption
of

The Sony Pictures hack, which took place on November 24 and led to the shutdown of the studio’s entire computer network, unfurls still. This week, hackers anonymously posted personal details of Sony employees – including social security numbers and the salary information for top executives – and copies of four unreleased Sony movies, including “Annie,” which is not scheduled for wide release until close to Christmas.

Then, on Thursday, documents containing thousands of passwords to Sony computers, social media accounts, credit cards, and Web services, were leaked as well.

Sony Pictures is in full damage-control mode. The studio has reset its network and regained control of its sites, and is working with the FBI and security company FireEye to figure out what happened and how to prevent future attacks.

But the scale of the breach is staggering: 40 gigabytes of Sony data have already been posted online, and Guardians of Peace, the hacker group claiming responsibility for the attack, says that's a tiny fraction of the 100 terabytes (100,000 gigabytes) of information it nabbed. (According to Newsweek, the reason the rest of the data hasn’t appeared online yet is because the hackers don’t yet know how to share such a large amount of data.)

Many news reports have speculated that North Korea might have played a role in the hack as payback for “The Interview,” an upcoming Sony comedy starring James Franco and Seth Rogen as journalists who are given an assignment by the CIA to assassinate North Korean leader Kim Jong-Un. In June, the North Korean government said the movie’s release would be an “act of war,” and threatened a “resolute and merciless” response against the US if “The Interview” wasn’t banned.

But an anonymous North Korean diplomat denied that his country had anything to do with the Sony Pictures hack, telling the Voice of America that North Korea is “follow[ing] international norms banning hacking and piracy.” Sam Kassoumeh, the chief executive of analytics company ScoreCard, speculated in a phone conversation with Ars Technica that one or more Sony employees might have enabled the hack to happen, possibly in retaliation for layoffs the company made earlier this year.

The leaked passwords show that Sony Pictures could take its internal data security a little more seriously. Many of the passwords are stored unencrypted in Excel spreadsheets and Word files with names like “password list.xls.” BuzzFeed reports that many of the passwords were common words with numbers added to the end – precisely the kind of weak password security experts warn us not to use.

Since the hack, Sony Pictures has secured its accounts – and presumably tightened its password policies – but there’s no telling what other sensitive information the hackers gained that could still be published online.

About these ads
Sponsored Content by LockerDome
 
 
Make a Difference
Inspired? Here are some ways to make a difference on this issue.
FREE Newsletters
Get the Monitor stories you care about delivered to your inbox.
 

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.

Loading...

Loading...

Loading...

Save for later

Save
Cancel

Saved ( of items)

This item has been saved to read later from any device.
Access saved items through your user name at the top of the page.

View Saved Items

OK

Failed to save

You reached the limit of 20 saved items.
Please visit following link to manage you saved items.

View Saved Items

OK

Failed to save

You have already saved this item.

View Saved Items

OK