Sony tries to contain damage as hackers leak more data

Sony scrambles as hackers release more links to the company's private data

Sony executives are struggling to contain damage in the aftermath of a hacking that leaked several finished films, personal information about thousands of employees and other confidential documents.

On Wednesday, hackers distributed digital files that contained a list of nearly 2,500 servers and 245 individual computers that the hackers said they had access to at Sony offices in New York, Atlanta, Glendale, the Sony Pictures Studios lot and elsewhere.

The files, from a link hackers sent in emails to the media, also included documents with people's passwords to various accounts for Sony's YouTube channels, Google Analytics and Verizon Wireless. The hackers also claimed to have had access to an additional 2,990 computers in North America and 5,000 elsewhere around the world.

The trove of documents also included allegedly confidential information about Walt Disney Co.'s ABC TV stations and other TV station groups that license syndicated fare from Sony Television, including the daytime talk shows "The Queen Latifah Show" and "The Dr. Oz Show," and reruns of off-network sit-coms "Seinfeld" and "The Queen of Kings."

Though links to download the Sony files were being removed, many remained accessible Wednesday afternoon.

A representative of Sony declined to comment on the latest leak, but in a statement the studio said its investigation was ongoing and disputed reports that suggested the company would name North Korea as the source. Some experts have speculated that North Korea is responsible in retaliation for the upcoming Sony movie "The Interview," a comedy that depicts a fictional assassination attempt on leader Kim Jong Un. Others have said the attack could be the work of a disgruntled current or former employee.

"The investigation continues into this very sophisticated cyberattack," the company said Wednesday morning.

The Culver City studio is assisting the FBI in looking into the security breach. Sony has also enlisted the help of Mandiant, a cyberforensics unit of the security firm FireEye Inc.

In an email to about 6,600 employees Tuesday evening, Sony's top two executives — Sony Pictures Entertainment Chairman Michael Lynton and co-Chairman Amy Pascal — said they are "deeply saddened" by the security breach that led to leaked personal employee and company information.

They called the theft and leaks "malicious criminal acts."

When Sony workers tried to log on to their computers last week, they were greeted with an image of a skeleton accompanied by the text "Hacked By #GOP." The message appeared to be an attempt to blackmail Sony by a group calling itself Guardians of Peace.

The security breach resulted in the pirating of DVD copies of at least five movies, including Brad Pitt's "Fury" and the upcoming musical "Annie."

A spreadsheet allegedly containing personal information of Sony employees — including several executives' salaries and the Social Security numbers of 3,803 employees — also surfaced on the Web on Monday. In their memo, Pascal and Lynton essentially confirmed the authenticity of the data.

"It is now apparent that a large amount of confidential Sony Pictures Entertainment data has been stolen by the cyber attackers, including personnel information and business documents," Pascal and Lynton wrote in their email.

The executives urged employees to utilize the identity protection services Sony is offering employees through a third-party provider.

"While we are not yet sure of the full scope of information that the attackers have or might release, we unfortunately have to ask you to assume that information about you in the possession of the company might be in their possession," Pascal and Lynton wrote.

Other Hollywood studios said they have been reviewing their operations and security measures in the wake of the Sony attack.

The massive hack spotlighted an already sensitive subject for studios that rely on digital transmissions of their intellectual property — feature films worth billions of dollars, not to mention confidential information about employees, contractors and vendors.

After reviewing several of the leaked files, malware researcher Jaime Blasco of San Mateo, Calif., security firm AlienVault Inc. said it was clear the "attackers knew the internal network from Sony."

He said that "in most of the files the machine the attacker used to compile the malware had Korean as the language in the system." But, he added, "data can often be fake."

The hack even hit auditing and professional services firm Deloitte, which has worked with Sony Pictures in the past, according to Fusion, an online news outlet and cable channel.

"We have seen coverage regarding what is alleged to be 9-year-old Deloitte data from a non-Deloitte system," the company said in a statement. "We have not confirmed the veracity of this information at this time."

Times staff writers Ryan Faughnder, Meg James and Daniel Miller contributed to this report.

Copyright © 2016, Los Angeles Times
45°