{"id":3834,"date":"2014-12-04T01:47:29","date_gmt":"2014-12-03T17:47:29","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=3834"},"modified":"2015-09-09T19:36:42","modified_gmt":"2015-09-09T11:36:42","slug":"sony-pictures-hacked-employee-details-movies-leaked","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2014\/12\/sony-pictures-hacked-employee-details-movies-leaked\/","title":{"rendered":"Sony Pictures Hacked – Employee Details & Movies Leaked"},"content":{"rendered":"

Sony hasn’t always had the best of times when it comes to being hacked, back in 2011 Sony basically had to rebuild the PlayStation Network (PSN)<\/a> because of a hack which rendered the service off-line for almost a whole week.<\/p>\n

Plus the fact the PSN hack could have leaked up to 10 million user accounts which included credit card details. And again in 2011 they lost 25 Million Customer Account Details Through SOE (Sony Online Entertainment)<\/a>.<\/p>\n

\"Sony<\/p>\n

The hack was so bad, it basically shut down Sony Pictures – the above picture is a photo of a desktop in the Sony Pictures office and apparently all computers were showing this. Similar images came from various sources in different offices showing that this is indeed a seriously pervasive attack.<\/p>\n

If you downloaded the archive from the URLs in the pictures, it contains text files which are basically HUGE lists of filenames, files that have leaked from Sony servers. And there’s some serious stuff in there including Hollywood stars passport scans, ppk files (SSH private keys), password lists and much much more. <\/p>\n

There’s some discussion on the contents and analyse on Reddit here: I used to work for Sony Pictures<\/a>.<\/p>\n

The password lists\/SSH keys also led to the compromise of many more related services and accounts (many film related Twitter accounts were hacked<\/a>).<\/p>\n

Sony Pictures is investigating a breach that has seen hackers supposedly steal reams of internal data and splash defacements across staff computers. The company is now in lock-down as it wrestles with the problem.<\/p>\n

The beleaguered company, writes Variety, has requested staff disconnect their computers and personal devices from the Sony network and shut down virtual private networks.<\/p>\n

Cracking group Guardians of Peace claimed responsibility for a defacement appearing on staff machines that it stole internal corporate data. The group says it will leak more details to the public web depending on what Sony ‘decided’ in what appeared to be a reference to demands quietly sent to the company earlier.<\/p><\/blockquote>\n

Source: The Register<\/a><\/p>\n

Sony Pictures e-mail servers were still totally off-line the day after the attack and they made a statement saying it could take between 1-3 weeks to rectify the matter.<\/p>\n

It seems like the attackers are really leaking the files they stole too as details of Sony employees were leaked including personal details and salaries.<\/p>\n

It’s getting worse for Sony: the latest dump from the raid that’s brought the company to an IT standstill include the personal detas of staff.<\/p>\n

Documents leaked through BitTorrent show the names, home addresses, salaries (and bonuses), and social security numbers of thousands of staff, including executives.<\/p>\n

Sony Pictures Entertainment could not be reached for comment by the time of writing.<\/p>\n

Some 17 executives, from programming to advertising, were listed as having salaries over US$1 million. Severance pays also appeared to be listed.<\/p><\/blockquote>\n

Source: The Register<\/a><\/p>\n

It’s 8 days since the attack and Sony Pictures is still struggling to recover, it also seems like some unreleased movies might (including Annie) have been leaked during the compromise.<\/p>\n