Sony hack attack data leak exposes, employee details, salary data; being shared on Sony’s PlayStation Network web servers and torrents.
Sony suffered a major hack attack this week when its corporate network was hacked by a unknown hacker called #GOP or Guardians of Peace. The hackers, it seems, not only stole the five of the studio’s upcoming movies but also sensitive data which is around 25GB in size. According to Brian Krebs of Krebs On Security, the leaked data consists of sensitive data on tens of thousands of Sony employees, including Social Security numbers, medical and salary information. Brian also added that the hackers may have destroyed data on an unknown number of internal Sony systems.
What is even more embarrassing for Sony is that the stolen files or parts of it are being shared on its own PlayStation Network web servers in addition to being shared on torrent networks. A Excel spreadsheet detailing the names, locations, employee ids, network username, base salary and date of birth of more than 6800 Sony employees is routinely being shared both on PSN and Torrents. Another Excel spreadsheet which is a hot favorite among torrents seeders is the one listing the alleged salaries of 17 top paid executives of Sony Pictures Entertainment.
The below spreadsheet of the 17 highest-paid execs reveals the $3 million salaries of both CEO Michael Lynton and co-chairman Amy Pascal among others.
Security researcher Dan Tentler analysed the files being shared and looked over the nodes helping serve the content, uncovering 75 Amazon EC2 instances sharing the files. Tentler says that his first guess was this was a honeypot by FBI trying to catch those downloading it. While another researcher, Dave Maynor, found some of the hosts contained cryptographic guarantees of authenticity, known as SSL certificates, straight from Sony. Dave concluded that the hackers i.e. #GOP most likely had control over some PlayStation Network infrastructure too. “Basically the attackers have hit Sony so hard that their main front-end web servers for the PlayStation Network are the machines serving up the compromised data,” he told Forbes over email.
Adding weight to Dave’s hypothesis is the fact that someone took the PSN servers offline, which Dave feels wasnt FBI or Sony.
Documents being shared
In addition to the above spreadsheets, another file being traded online appears to be a status report from April 2014 listing the names, dates of birth, SSNs and health savings account data on more than 700 Sony employees. Yet another apparently purloined file’s name suggests it was the product of an internal audit from accounting firm Pricewaterhouse Coopers, and includes screen shots of dozens of employee federal tax records and other compensation data.
Looks like #GOP has hit Sony pretty hard under the belt. Sony was on lookout for a Chief Information Security Officer for its security needs during the hack attack which means that who ever hacked Sony knew it was pretty vulnerable at that precise moment. Some reports doing rounds on internet state that this may be a inside job but the law enforcement agencies including FBI have not come to any such conclusions yet.
