April 22, 2019

Sony hack shows that the company kept passwords stored in a folder called “Password”

SONY PICTURES LOGO(LiveHacking.Com) – Sony Pictures Entertainment has been hacked and it has been hacked hard. Over 40GB of data has been released on the Internet. The trove of data includes scripts and documents about salaries and film budgets. It is being described as “probably the worst corporate hack in history.” A group called Guardians of Peace, which may be affiliated with North Korea, has claimed responsibility for the cyber attack. It is thought that North Korea is upset at Sony Pictures’ new movie The Interview, which satirizes the country’s dictator Kim Jong Un.

As experts and journalists are continuing to pour over the data, one bizarre item has been found. According to Buzzfeed, the latest data dump included a folder called “Password.” In it there were 139 Word documents, Excel spreadsheets, zip files, and PDFs containing thousands of login credentials for Sony Pictures’ internal computers, social media accounts, and web services accounts. The files used very convenient naming conventions like “password list.xls” or “YouTube login passwords.xlsx.”

Among the passwords were details of SPE’s social media accounts including Facebook, YouTube, and Twitter. One thing is for sure, SPE is going to need to change a lot of passwords, and it needs to do it fast! There are also documents which contain passwords for a variety of other services including Amazon, FedEx, Lexis/Nexis, and Bloomberg.

The situation could get worse for Sony over the next few days. The hackers have indicated that this latest dump is only the start of a series of planned data dumps to the Internet. The hackers claim to have taken over 100TB of data from SPE, of which we have only seen a fraction so far.

The seriously troubling thing about this latest hack is that it isn’t the first time that Sony has been targeted. Sony Pictures Entertainment websites were breached in 2011 by a group known as LulzSec. As a result of the breach LulzSec published the names, birth dates, addresses, emails, phone numbers and passwords of thousands of people who had entered contests promoted by Sony. That breach occurred only a few weeks after Sony confirmed a breach to its PlayStation Network that exposed millions of personal user records. Then last, but not least, in 2012 hackers claimed to have accessed Sony’s servers and downloaded Michael Jackson’s entire back catalog, worth some $253 million.

Share and Enjoy:
  • Print
  • Digg
  • StumbleUpon
  • del.icio.us
  • Facebook
  • Yahoo! Buzz
  • Twitter
  • Google Bookmarks