Sony Pictures Entertainment

Sony Pictures Entertainment has been targeted by computer hackers in an attack which reports say forced it shut down its systems.

A skull appeared on computer screens along with a message threatening to release data “secrets” if undisclosed demands were not met, reports said.

The message showed “#GOP” indicating a group called Guardians of Peace was behind the attack.

Hollywood on Alert Following Sony Cyber-Attack

Although no studio would say so publicly, at least three of Sony’s rivals said they were assessing and upgrading their own systems and protocols in the wake of the breach.

The financial damage and the strain that the leaks have put on Sony’s operations should represent a wake-up call, security advisers tell Variety. Read more

Watch on YouTube

Source: msnbc


News highlights

Sony Pictures co-chair Amy Pascal quits after email hack

Ms Pascal will start a production company that will launch in May 2015. She has already apologised for certain revelations that came as a result of the leaked emails.

New clues in Sony hack point to insiders, away from DPRK

Researchers from the security firm Norse allege that their investigation of the hack of Sony has uncovered evidence that leads, decisively, away from North Korea as the source of the attack.

Sony execs Amy Pascal, Steven Mosko’s emails leaked by hackers

The Microsoft Outlook mailboxes are massive in size, each coming in at multiple gigabytes and purportedly containing thousands of email exchanges, both business-related and personal, as well as contact information for executives at other companies.

Sony’s new movies leak online following hack attack

“Fury” has been downloaded by over 888,000 unique IP addresses since showing up on peer-to-peer networks on Nov. 27, according to piracy-tracking firm Excipio. That’s high enough to be the second most-downloaded movie currently being pirated, and it’s not out of movie theaters yet.

An exclusive look at Sony’s hacking saga

Elsewhere in Hollywood there is a new wariness of electronic communication. “Everybody’s scrubbing down, checking for compromising e-mails,” says one veteran producer. “Delete, delete, delete.”

Sony hack: sacked employees could be to blame, researchers claim

Security experts investigating the devastating hack against Sony Pictures appear to be moving away from the theory that the attack was carried out by North Korea, focusing instead on disgruntled former employees of the firm.

Sony Hackers expose celebrity aliases for Natalie Portman, Tom Hanks, Daniel Craig, and more

In new documents obtained by Fusion, aliases that actors used to protect themselves while working on Sony projects have been revealed to the public.

LEAKED: Hacked Sony docs reveal top 17 executives' multimillion-dollar salaries

The latest attack is a spreadsheet listing the alleged salaries of 17 top paid executives of Sony Pictures Entertainment.

Sony Pictures computer system hacked in online attack

A skull appeared on computer screens along with a message threatening to release data “secrets” if undisclosed demands were not met, reports said.

Leaked movie downloads after 4 days



Still Alice


Sony Pictures exec Amy Pascal steps down in wake of hack attack

Pascal will step down from her role as co-chairman of Sony Pictures Entertainment in the wake of the company’s massive data breach. Some of Pascal’s emails, released in the hack, criticized Hollywood stars and contained racially insensitive jokes about President Obama.

Watch on YouTube

Source: CBS This Morning

Does Sony Hack Change Stance on Cybersecurity?

Tanium CSO Chad Fulgham discusses cybersecurity and information sharing on “Bloomberg West.”

Watch on YouTube

Source: Bloomberg Business

NSA Hacked North Korea Years Before Sony Hack

The New York Times reports the NSA knew North Korea hacked Sony because the NSA had hacked into North Korea years ago.

Watch on YouTube

Source: Newsy

Inside the FBI investigation of Sony hack attack

What were officials looking for in the cyber attack and how did they tie it to North Korea?

Watch on YouTube

Source: Fox News

Mark Cuban: Major hack will happen again

Billionaire investor Mark Cuban’s own emails were leaked in the Sony hack. He tells Brian Stelter it will happen again.

Watch on YouTube

Source: CNN

Sony CEO: We did not make a mistake

Sony CEO Michael Lynton responds to President Obama’s comment that they made a mistake in pulling “The Interview.”

Watch on YouTube

Source: CNN

“Yes, I think they made a mistake.” President Obama on Sony Hack

President Obama answers a question at his year-end press conference on the Sony hack and “The Interview” movie.

Watch on YouTube

Source: C-SPAN

Former Anonymous hacker doubts North Korea behind Sony attack

As the U.S. comes closer to publicly blaming North Korea for the Sony cyberattack, former Anonymous hacker Hector Monsegur is raising doubts.

Watch on YouTube

Source: CBS This Morning

SONY hackers invoke 9/11 in new threats

Guardians of Peace already claimed responsibility for the SONY hacking. Now it’s trying to intimidate moviegoers from seeing the movie that motivated the massive data dumps.

Watch on YouTube

Source: CNN

Sony Pictures Hacked: Fury, Annie & Others Leaked

U.S. law enforcement agencies are looking into whether North Korea was involved in a cyber attack targeting Sony Pictures, in retaliation for the new Seth Rogan, James Franco movie: “The Interview”

Watch on YouTube

Source: NBC News

Breached data

Analysis of all the breached Sony Pictures Entertainment data.

Source: Risk Based Security


Date: 1-12-2014

  • 26.4 GB in size, containing 33,880 files and 4,864 folders.
  • Includes 47,426 unique Social Security Numbers (SSN)
  • 15,232 SSN belonged to current or former Sony employees
  • 3,253 SSN appeared more than 100 times
  • 18 files contained between 10,860 and 22,533 SSN each

Read more

Date: 3-12-2014

Bonus.rar file summary:

  • 33.7MB compressed
  • Contains plaintext credentials (~ 500 total), server information, internal IP addresses and other data.
  • List of security certificates for servers, users, and services, and a list of what each certificate is related to.
  • Credentials include YouTube login information for the SonyPictures, Spidermanmovie, EvilDeadMoive, GrownupsTheMovie, and Thisistheend movie channels, complete list of older social media accounts for campaigns on facebook and twitter.
  • 121 FTP plaintext credentials, including the main Sony Pictures FTP server.
  • Plain text Credentials for major news and media sites like NY times, LA Times, Daily Variety,,
  • Plain text passwords in formats like “sony12345” for critical internal and forward facing services.
  • Username passwords combos in a file named My PAsswords contain: novell, mediataxi, inflight, fidelity, spiDR, SPIRIT, sony style family center, FEDEX, Connect, SPTI, Acron TASS, SPE Courier, Concur, SPC Press, AIM, HR Connect, AMEX, outlook all in clear text with username and password combos.
  • Accounting and payment information for AMEX for “The Interview” in plain text.
  • Accounting and payment and other related credentials for “Death at a Funeral”

List.rar file summary:

  • 1.8MB compressed
  • Three files containing internal and external PC data, Linux servers, and Windows servers

Read more

Date: 7-12-2014

File SPE_03_01.RAR (Mostly from Sony Brasil)

  • 30,916 individual Files, 2,970 Folders. 16.4 GB / 9.99 GB (Compressed)
  • Banking statements, bank account information including wire transfer swift codes etc.
  • Financial year reports
  • Financial year forecasts
  • Budget reports
  • Overhead reports
  • Receipt and transaction account statements of computer hardware, vehicle (toyota hilux, mitsubishi space wagon), car accessories going back to 1998
  • Internal information for Sony Pictures Releasing International portal, screenshots, walkthroughs and other usage information.

File SPE_03_02.RAR (From Sony Pictures Imageworks, Vancouver, and Sony Pictures)

  • 89,800 Files, 10,990 Folders. 88.6 GB / 48.9 GB (Compressed)
  • Accounting information using Trintech Inc. software
  • Licensing contracts
    • Access Digital (Exyflix)
    • Amazon Europe
    • Amazon Japan
    • Clickpay Multimedia
    • Comcast
    • Eagle Eye
    • Gaia
    • Google (YouTube)
    • Media Vault
    • M-GO
    • Microsoft
    • Playstation
    • Sena
    • Sony Electronics
    • Sony visual products in
    • video futur
    • Yota (aka more)
  • Vendors (Too many to list)
  • Sony India Financial reports.
  • 528 Payrolls for Imageworks Canada with staff full names, contact numbers and residential addresses.
  • British Columbia Personal Tax Credit Returns scans of several employees with full personal information including social security number.
  • Photocopies and scans of driver licenses, passports and other tax related documents exposing a bunch of personal credentials, home addresses, full names, date of births, social security numbers and more.
  • Federal Tax Returns

File SPE_03_03.RAR

  • 113,002 Files, 39,612 Folders. 57.1 GB. / 48.1GB (Compressed)
  • Incident reports with full names, incident locations, injurys and postions held with sony.
  • SPE Global Security Guidelines v2
  • UL training users, full names, addresses, email addresses and common set clear text passwords
  • copies of employeement contracts and agreemtns, passports, drivers license, ssn, signatures.

Read more

Date: 8-12-2014

The torrent that includes all files is only 2.8GB this time.


  • mosokos.ost (A Microsoft Outlook mail spool), 3.5GB in size
  • “mosokos” is Steve Mosko, President of Sony Pictures Television.
  • 3,550 full contact details, full names, email addresses, home addresses
  • 14,944 sent emails
  • Email contents include account information, password reset mails, personal emails, flight and travel arrangements
  • Also includes discussions about internal operations within Sony, the 2013 Breaking Bad Bluray leak, discussions about using torrents and the AXN network to distribute Hannibal
  • Emails from friends and other Sony staff about TV show torrents and uploads to YouTube, including Breaking Bad, King of Queens, and Hannibal.


  • APascal1.ost (A Microsoft Outlook mail spool), 3.78GB in size
  • “APascal” is Amy Pascal, Co-Chairman, Sony Pictures Entertainment and Chairman, Sony Pictures Entertainment Motion Picture Group
  • Over 5,000 emails included
  • Most recent Inbox email is from November 23, 2014 (likely when the mail spool was taken)
  • Emails consist of sony employee relations, personal invoices, and personal emails
  • Includes talk and deals about upcoming movies
  • Contains current and closing business deals

Read more

Date: 10-12-2014

The torrent file consists of 5 parts, all 1GB and in RAR format (spe_05_01.part[1-5].rar). The newly leaked data includes information about Sony’s anti-piracy efforts, entertainment deals in the works, internal procedures related to tracking torrents and other illegal downloading. It also contains a document that outlines Sony’s cooperation with 5 major Internet Service Providers (ISPs) to collect full data for monitoring illegal downloads.

In addition:

  • Motion Picture Association of America (MPAA) list of outstanding issues and other piracy related information.
  • Enhanced Content Protection proposals, drafts, and documents.
  • Potential Middle-East partnership deals from 2012.
  • Wages of international employees from Sony Australia and Sony China
  • Contact information of more than 2,500 employees, additional digital certificates, documents on Internet security, security advisories that may impact Sony systems
  • Research documents, internal information about Sony cameras being produced, NATO-Studio August 2014 Tech Meetings Agenda with talks about new technology being produced by Sony
  • Project non-disclosure agreements, budgets, financial forecasts for 2013 – 2015, information about projects schedules, deals, costs, profits, advertising revenue, and advisor fees.

Anti-piracy information from Google, YouTube, Netflix, and Farncombe including:

  • Total number of notices sent to ISPs with 100% success rate (2,537,932)
  • Alerts sent to subscribers (1,475,848)
  • Alerts that were not sent but should of been (41,917)
  • A breakdown of which content, how many types of alerts sent, and acknowledgements for 2012, 2013, and 2014
  • Confidential documents outlining deals, procedures for monitoring, and services provided by Farncombe
  • Large amount of proposals to Google, YouTube, and other services about how to censor search results, remove content from its search
  • Content protection documentation

Documents and internal tracking of console hacking information for the PlayStation including:

  • 27th Chaos Communications Congress (CCC), Console hacking 2010, PS3 Epic fail.
  • Verisign Fraud Alert: Phishing – the latest tactics and potential business impact.
  • BHUSA09-Marlinspike-DefeatSSL-PAPER1
  • us-14-Rosenberg-Reflections-On-Trusting-TrustZone-WP

Read more

Date: 10-12-2014

Some details about the 3.84GB mail spool include a list of folders, number of emails, and a brief summary of the content.

Some of the folder names and mail count:

  • Admin: 56
  • Alertline: 286
  • Audit Reports: 28
  • Calendar: 6,815
  • Compliance dept: 45
  • Contacts: 178
  • Conversation history: 2
  • Deleted items: 4,296
  • Designated Employee Notice: 59
  • Division Head Meetings: 205
  • Executive comp: 60
  • Inbox: 41,229
  • Sec filings: 30
  • SEC FCPA: 102
  • Sent emails: 36,586
  • SPE Board: 19
  • SPE Subsidiaries Report:3
  • Legal: 78

Read more

Date: 13-12-2014

The actual data leaked today appears consists of 6.45GB of uncompressed data, distributed via bittorrent links that do not appear to be seeding from same 54 IP addresses previously seen. The data consists of 6,560 files throughout 917 folders.

A very brief analysis suggests this leak contains:

  • Sony internal documents for tracking deals, expenditures, and revenue.
  • Complete working folders for Jim Underwood (likely ex-Sony Executive VP, Worldwide Digital and Commercial Strategy [LinkedIn Profile])
  • Documents related to the acquisition of Grouper Networks in 2006 and related material the following years.
  • Many acquisition proposals, Sony’s perspective on the pros and cons to the deals, companies of interest, and potential profit, including Left Bank Pictures.
  • Drafts on the best ways to battle piracy, from 2009 on.
  • Enhanced Content Protection Overview written by Chris Odgers – complete analysis of possibilities of breaches, exploits, detection, and prevention methods for data streaming services to prevent hijacking.
  • Emails about Australian TV not being finalized before screening started. This appears to be related to the recent run of older American TV shows like Starksy and Hutch.
  • Breach monitoring and revocation rules for Phase 1 Service if the F1 Box is hacked.
  • Business documents and dealings with out of Brazil.

Read more

Date: 14-12-2014

A quick analysis of the leaked mail spool (spodell.ost) shows that it is 5.53GB uncompressed, and contains over 72,900 emails spread across 7 primary folders. A bulk of the emails (54,793) are in the ‘Sent’ folder going back to May 20, 2008, with 12,414 in the inbox, and 4,276 deleted. As with previous disclosures, the topic of piracy seems to be front-and-center, specifically related to cinemas responsible for allowing camcorders to record movies in India, Taiwan, Japan, Brazil, Australia, and others.

Read more

Date: 16-12-2014

And finally, that brings us to the ninth leak posted today, titled “1st Christmas Gift, Michael Lynton”. As the name suggests, this disclosure includes two files, both email spools (mLynton.ost is 864MB and mLynton1.ost is 1GB) for Michael Lynton,Chairman and CEO of Sony Pictures Entertainment. The mails range between November 8, 2013 and November 22, 2014. Some of the folder names and mail count between both files:

  • Inbox: 12,482
  • Contacts: 7,085
  • Calendar: 5,433
  • Deleted: 6,966
  • Lost & Found: 12,629
  • Drafts: 77

Read more