If Sony Pictures employees return to work Monday after the Thanksgiving weekend without computer or email access, it will mark the beginning of the second week of blackout for the Culver City movie studio after a widespread hack.
And Sony's headaches do not appear to have lessened. Pirated copies of some Sony movies have begun to appear online on file sharing websites in the days after the attack. It is not known whether the two problems are related.
Among the titles that have popped up are the Brad Pitt World War II drama "Fury," the musical remake "Annie" and the upcoming film "Still Alice." Copies of "Mr. Turner" and "To Write Love on Her Arms" have also surfaced.
"The theft of Sony Pictures Entertainment content is a criminal matter, and we are working closely with law enforcement to address it," Sony said in a statement.
Of the Sony movies that have leaked online, "Annie" is the biggest that has not yet been released, but according to the website TorrentFreak, "Fury" (still in theaters) is by far the most popular among file-sharers.
This comes just days after the arrest in Britain of two people suspected of stealing and leaking a DVD-quality copy of Lionsgate's "The Expendables 3" before is domestic debut.
On Nov. 24, Sony Pictures workers who turned on their computers were met by an ominous message from a group calling itself GOP, or Guardians of Peace, which threatened to release "internal data" and "secrets" if its unspecified demands were not met.
Sony has declined to comment on its progress in investigating the attack since it released a statement on Nov. 25, saying, "Sony Pictures Entertainment experienced a system disruption, which we are working diligently to resolve."
Employees have been unable to use their devices and have resorted to pens, paper and fax machines to do their jobs. The company has set up Gmail addresses to use instead of its regular employee emails.
As Sony tries to get itself back online, speculation has swirled over how the attack could have happened and who is responsible.
On Friday, the website Re/code said Sony was investigating the possibility that hackers working on behalf of North Korea could be responsible.
Re/code speculated that the attack may have been in response to Sony's upcoming comedy "The Interview." Seth Rogen and James Franco play a pair behind a TV tabloid show who become part of a plot to assassinate Kim Jong-un. The movie hits theaters on Dec. 25 and is not among those that have popped up on file-sharing sites.
On Tuesday, the tech blog The Verge said it received a message from an email associated with last week's attack that claimed the group had help from Sony employees. The email could not be verified.
A thread on the website Reddit has been full of speculation, trying to piece together what happened.
According to the thread, the hacker group claimed to get ahold of troves of sensitive data, including copies of actors' passports and contract documents. However, none of that information appears to have been released, despite the group's threat to unleash data.
A person close to Sony, who asked not to be identified because of the sensitivity of the situation, said that the scale of the breach was likely limited to internal passwords, which have been changed, and general financial projections. This person also said the North Korea connection was far-fetched.
The issues at Sony could encourage companies to ramp up online security efforts, said Adam Levin, chairman of the identity management company IDT911.
"This is not an isolated incident where there was a fire in one building," Levin said. "This apparently affected their entire system. It shows how companies have to step up even more, whatever their efforts are."
Times Staff Writer Saba Hamedy contributed to this report.
Follow Ryan Faughnder on Twitter for more entertainment business coverage: @rfaughnder