Sony Pictures Hacked, Films Released Online; North Korea On List Of Suspects

sony_pictures_logoSony Pictures Entertainment, the film studio division of international entertainment giant Sony, was the victim of a major hack last week. Not only did the attack majorly disrupt work at the studio nationwide, but also it appears that the bad guys got their hands on some goodies while they were there: at least four Sony films that haven’t even been released yet are already zipping their way around the internet.

Entertainment news site Deadline broke the story of the Sony Pictures hack last week. On November 24 — the Monday before Thanksgiving — employees at Sony Pictures’ New York office suddenly saw the image of a grinning red skull appear on their screens bearing the headline, “Hacked By #GOP.” The text continued:

We’ve already warned you, and this is just a beginning.
We continue till our request be met.
We’ve obtained all your internal data including your secrets and top secrets.
If you don’t obey us, we’ll release data shown below to the world.
Determine what will you do till November the 24th, 11:00PM (GMT).

The screen also included links to several *.zip files, hosted on a variety of sites, purporting to contain internal Sony data.

In response, Sony basically pulled everything offline while they investigated the intrusion. No e-mail, no phones, no employee access at all to computers in their New York, Los Angeles, or global offices. A Sony representative told Deadline, “Sony Pictures Entertainment experienced a system disruption, which [we] are working diligently to resolve.”

Variety later reported that according to internal sources, the situation could last for up to three weeks.

Although the message revealing the intrusion indicates the hackers want Sony to “obey” and “meet our request,” Deadline reports that Sony did not receive any specific demands. Nor were they given any explanation as to why they were targeted. Some of the websites (and associated data dumps) listed in the initial screen weren’t even valid.

According to among the data the hackers have released to the world are “the stuff of IT guy nightmares,” including Excel files full of passwords from the Sony Pictures finance department.

It’s not just the IT and Finance teams at Sony who won’t be getting any sleep this month: neither will the marketing and legal departments. As Oscar season kicks off with holiday film releases, Sony’s newest are all hitting file-sharing sites before they can even hit theaters, Variety reports.

Still Alice, Annie, and Mr. Turner are all being released in theaters this month (Dec. 5 and 19), but since the hack all three have started showing up in torrents. So has Fury, which was released on Oct. 17, and To Write Love on Her Arms, which isn’t due out until mid-March. Despite being out in theaters for several weeks, Fury jumped to the top of the pirating charts and as of yesterday had been downloaded more than 1.2 million times.

Sony and outside security firms are still investigating who’s behind the hack, and what the attackers actually want. Bloomberg reports that the “GOP” in the message stands for “Guardians of Peace,” but after that it all starts to get kind of weird.

On the day after Thanksgiving — last Friday, four days after the initial hack — Re/Code reported that the teams investigating the incident were actively pursuing a theory that the hackers, perhaps working out of China, were doing it all on behalf of North Korea.

And why would North Korea want to hack a movie studio in Los Angeles? Fittingly, it’s over a movie.

The Interview is due in theaters on Christmas day. It’s a comedy starring Seth Rogen and James Franco as hapless tabloid journalists who land an interview with Kim Jong-Un, but then a funny thing happened on the way to Pyongyang and they end up recruited by the CIA to assassinate the enigmatic leader. When the trailer for the movie was released back in June, North Korean representatives had harsh words for the film’s premise.

Re/Code explained yesterday that although no firm evidence has yet tied North Korea to the hack, there are a lot of factors pointing that way. Not only is the timing suspect, but also some of the tactics used have strong similarities to previous internet hack attacks carried out by or on behalf of North Korea in the past.

On the other hand, someone claiming to be one of the hackers e-mailed The Verge and told them,”We Want equality. Sony doesn’t. It’s an upward battle.” The person also said that the hackers had worked with individuals inside Sony to carry off the intrusion.

Sony’s statement on the matter has been, “The theft of Sony Pictures Entertainment content is a criminal matter, and we are working closely with law enforcement to address it.”

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.