Sony Pictures corporate files stolen and released in cyberattack
Sony has quite the history with hacking and cyberattacks affecting its networks, and now a subsidiary of the company is coping with intrusion on internal networks.
Sony Pictures Entertainment, the television and movie arm of the tech giant, was hijacked this week. On Monday, employees at the company discovered a skull and message from either a group or individual on Sony's systems, threatening the leak of sensitive corporate data unless particular demands were met.
On Monday, the Sony website also reportedly displayed a message showing "#GOP," which may indicate a group called Guardians of Peace was behind the attack. The message read:
We've already warned you and this is just a beginning. We've obtained all your internal data including your secrets and top secrets [which will be released] if you don't obey us.
As reported by Ars Technica, several Twitter accounts belonging to the company were also briefly taken over, stating that CEO Michael Lynton "will surely go to hell," and displaying an image showing the executive's head within a hellish landscape.
Sony employees reportedly say the computer network was shut down as a precaution and it could take weeks before the situation is resolved.
In the meantime, data potentially stolen from Sony in order to make the tech giant bow to their demands has found its way online. A Reddit thread surrounding the security problem claims that the data includes files with passwords, password hints and copies of passports from actors who have starred in Sony films, as well as production crews.
The downloadable copy — which is now also available through torrent software — includes text files that list the data allegedly stolen, and email addresses for those who want the data to contact. The lists include a variety of information, including:
- .PDF files containing passwords and identity documents
- Spreadsheets laden with passwords for accounting and research, as well as a file called "CA Breach Notification for User Names and Passwords (MoFo),"
- Hundreds of Outlook .pst mailboxes
- IT audit documents
- Media files related to films not produced by Sony
Sony issued a statement concerning the network breach, curtly saying the company is investigating the "IT matter."
The firm has experience with security issues in the past. Sony's PlayStation network suffered a catastrophic breach in 2011 that resulted in the leak of personal information belonging to over 77 million users and cost the company over $15 million in compensation claims. Earlier this year, the electronics giant was hit by a DDoS attack, and threats to the president of Sony's Online Entertainment division, John Smedley, forced the executive's plane to be grounded.
Read on: In the world of security
- Apple Pay rival CurrentC hacked
- FBI Director: Mobile encryption could lead us to 'very dark place'
- FBI chief compares Chinese hackers to 'drunk burglars'
- Hackers infiltrate White House network
- Teen hackers charged with stealing $100 million in Army, Microsoft tech
- Enterprise network security takes backseat to speed: McAfee
- Military secrets theft hacking trail leads to Russia
- Facebook doubles advertising bug bounty