The Breach shows that Sony Pictures data security was, and is a complete joke.
Sony Pictures Entertainment is the division of Sony that oversees production of films, cartoons, and television shows.
It’s also the laughingstock of the cybersecurity world right now.
Last week, hackers broke into Sony Pictures and, among other things, leaked DVD rips of several movies online (including Fury, which just left first-run theaters). The attack is already expected to cost Sony tens of millions of dollars in losses.
But the problems extend beyond a few leaked DVD-quality downloads. Hackers, who used malware that’s been seen online as far back as July stole over 33,000 documents and spreadsheets, including a whopping 47,000 social security numbers. The stolen numbers are from a Sony employee database of some sort, and range from rank-and-file Sony Pictures employees, to household names like Sylvester Stallone and Judd Apatow.
What’s worse is that there was seemingly little in the way of security between the hackers and such sensitive information. The Guardian reports that employees were storing passwords in a folder labeled — you guessed it — “Password.” The folder had several dozen documents and spreadsheets with passwords for internal computers, social media accounts, and various other web applications. All of the data has been uploaded to various filesharing/Usenet services by the hacker group responsible, called the Guardians of Peace (#GOP for short).
Images of Spaceballs, and President Skroob come to mind.
While unconfirmed, many believe the hack was executed by order of the North Korean government, which has a bone to pick with Sony Pictures over its upcoming film The Interview, in which Seth Rogen and James Franco are tasked with assassinating dictator Kim Jong-un.
On the bright side? At least it’s not another Gmail hack.
Source: The Telegraph | The Verge
Published: Dec 5, 2014 08:30 pm