Employees of the Culver City-based studio who tried to log on to their work computers Monday were greeted with an ominous warning. An image of a sneering red skeleton appeared on the screen under "Hacked By #GOP," reportedly short for "Guardians of Peace," and a list of threats.
Then the system went dark.
Staff from coast to coast couldn't log on to computers or access email, bringing the workday to a crawl. They were reduced to using old-fashioned pen and paper to complete assignments and taking calls on landline telephones. "We even fired up our fax machine," one person said.
The hacker group's warning that popped up on computers had overtones of blackmail to Sony, the company behind movies such as "The Amazing Spider-Man 2" and TV shows including "The Blacklist."
Without specifying demands, the group warned Sony that it had obtained "secrets" and threatened to leak them to the Web. The hackers said they would release internal information late Monday, but there was no indication that they followed through.
"We've already warned you, and this is just a beginning," the message read. "We continue till our request be met.... If you don't obey us, we'll release data shown below to the world."
Cybersecurity experts said little was known about the hackers, and it was not known whether the FBI or other government agencies were involved.
Sony said it was investigating "an IT matter" but declined to give any more information. People with knowledge of the situation who were not authorized to speak publicly said that Sony Pictures Animation, Sony Music Entertainment and other parts of parent company Sony Corp. were not affectetd.
This would not be the first time the Tokyo-based electronics and entertainment giant has been the target of cybercriminals. Sony's
The Sony film unit is only the latest company to get hit. Retail giant Target Corp. last year had to face the Black Friday theft of a huge swath of customer information, including some 40 million credit card numbers.
Millions of customers have seen their information stolen in other recent attacks on companies including
A recent report from the consulting firm
"It's obvious from the scope of what's been done that the intruders owned the entire environment," Lieberman said. "Sony lost control of their environment."
He said similar attacks have unfolded in this way: A hacker gains access to login information for an IT administrator, then uses those credentials to sniff around the network. "Ransom-ware," like that appearing on Sony employees' computers, is installed.
One Sony employee, who did not want to be named because of the sensitivity of the situation, said the hack has disrupted everyone's workflow.
The employee said several people she knew saw the skeleton #GOP hack image pop up on their screens before the system went dark. Without access to their computers, they feared that their computer files could be lost.
Abby Adams, who works at a coffee shop on the Sony lot in Culver City, said there were long lines of employees who couldn't work because of the hack. She said a regular walked into the coffee shop around 8:15 a.m. and said "be warned, its going to be a busy day."
Elsewhere on social media, speculation over the #SonyHack and the #GOP group was buzzing. Workers worried that the system could be down for days.