Click to Skip Ad
Closing in...

The latest big leak in the Sony hack is a huge file directory for passwords… called ‘Password’

Published Dec 5th, 2014 6:50AM EST
Sony Pictures Hack: Passwords and SSNs

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

Sony Pictures recent data breach might be the biggest yet even though it might not affect as many people as recent credit and debit card thefts, as hackers stole a huge number of files related to the company’s business — from unreleased movies and future plans to personal data belonging to employees and internal files — exposing many of them online.

FROM EARLIER: Sony is convinced North Korea was behind massive hack, but DPRK denies

The Wall Street Journal says that “cybersecurity experts could recall no other breach where so much data on a high-profile company was made public in one data dump,” explaining that hackers usually go for specific information in such attacks, such as stealing credit card and debit card details, discarding everything else obtained in the process.

The hackers behind the Sony attack, identified as the “Guardians of Peace,” might have sought a “shock and awe” effect, one person familiar with the investigation revealed, by releasing so much information found on Sony’s internal computer network.

The Journal also added that the breach exposed more than 47,000 Social Security numbers for current and former Sony employees, including various Hollywood celebrities like Sylvester Stallone, Judd Apatow and Rebel Wilson. The data was found in many documents, with investigators having found more than 1.1 million SSNs, most of them repeating ones, which were not protected by passwords.

Even more interestingly, BuzzFeed reports that data shared online by hackers includes a file directory titled “Password,” which includes “139 Word documents, Excel spreadsheets, zip files, and PDFs containing thousands of passwords to Sony Pictures’ internal computers, social media accounts and web service accounts.” Individual file names are “plainly labeled with titles like ‘password list.xls’ or ‘YouTube login passwords.xlsx.’”

According to a recent report, Sony suspects the hack originates from North Korea, with forensic evidence suggesting that’s the region hackers acted from, though the North Korean government has denied these allegations.

More details about these new Sony hack-related findings are available at the links below.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.