Sony hack chronology: What we know

Cars enter Sony Pictures Entertainment headquarters in Culver City on Dec. 2.
(Nick Ut / Associated Press)

Just before Thanksgiving, Sony Pictures Entertainment found itself the target of a massive security breach. The Times and other media outlets have been reporting on the hacking incident, looking through documents, talking to cyber security analysts and looking more closely at the attack. Here’s what we know:

  • News of the hack first surfaced on Nov. 24. When employees of the Culver City-based studio tried to log onto their computers, they were greeted by an image of a skeleton with the words “Hacked by #GOP” (a reference to a group calling itself Guardians of Peace) before their screens went dark. Staff from coast to coast couldn’t log onto computers or access email.
  • The attack resulted in the piracy of five Sony films: The Brad Pitt World War II drama “Fury,” the forthcoming remake of the musical “Annie,” plus “Still Alice,” “Mr. Turner” and “To Write Love on Her Arms.”
  • Hackers also leaked digital files that contained confidential information. These files contained about 47,000 Social Security numbers of current or former full-time Sony employees, contractors and actors. Judd Apatow, Sylvester Stallone and Rebel Wilson were among those whose personal information was hacked.
  • The FBI confirmed on Dec. 1 that it is helping in the investigation. Sony also enlisted Mandiant, a cyberforensics unit of the security firm FireEye, to assist in the search for the hackers.
  • Widespread speculation has centered on whether Sony’s release of “The Interview” — a comedy starring James Franco and Seth Rogen about a fictional attempt to assassinate North Korean leader Kim Jong Un — led North Korea to retaliate. When asked about potential involvement in the attack last week, a spokesman for the North Korean government told the BBC: “Wait and see.” But a North Korean diplomat later told news outlet Voice of America that the nation is not responsible.
  • Others think disgruntled current or former employees could be behind the attack.
  • In an email to about 6,600 employees on Dec. 2, Sony’s top two executives, Sony Pictures Entertainment Chairman Michael Lynton and co-Chairwoman Amy Pascal, said they are “deeply saddened” by the security breach. They called the theft and leaks “malicious criminal acts.” The executives urged employees to use the identity protection services Sony is offering employees through a third-party provider.
  • According to digital security and legal experts, Sony could face an outlay of tens of millions of dollars. When Sony’s PlayStation Network was hacked in 2011, the company estimated the cost at $170 million.
  • Anxiety among Sony employees escalated Friday after some received a threatening email from someone claiming to be a member of the hacking group. It asked employees to sign a statement disassociating themselves with Sony. “If you don’t, not only you but your family will be in danger,” the message said.
  • On Saturday, Lynton emailed employees with an update on the investigation. “The scope of this attack differs from any we have responded to in the past, as its purpose was to both destroy property and release confidential information to the public,” reads a statement. “The bottom line is that this was an unparalleled and well planned crime, carried out by an organized group, for which neither SPE nor other companies could have been fully prepared.”
  • Later that evening, James Franco poked fun at the Sony hacking while hosting “Saturday Night Live.”
  • North Korea again denied being behind the attack on Sunday. A spokesman for the policy department of the National Defense Committee of the Democratic People’s Republic of Korea told the state-run news outlet that it is “wild rumor.”

For more news on the entertainment industry, follow me @saba_h