Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.
 

The Sony Hack: The Gift That Keeps On Giving

By - Source: Toms IT Pro
Tags :

When hacked, most companies just get their financial data taken or bank accounts emptied. The particularly unfortunate may have product designs stolen. However, Guardians Of Piece (GOP) took it all when they robbed Sony. Only in the last 24 hours has the sheer breadth of the cyberheist become apparent.

According to various sources, the information was not just pre-release films, but also details of diverse and sensitive items such discussions between the studio and TV network buyers through to HR, payroll and even employees' medical details. Other title-tattle items include HR minutes of a meeting to discuss an executive level manager misusing company property whilst having a relationship with an office junior.

Unlike even the WikiLeaks of past, this release takes exposure to a whole new level. None of the information is redacted. People are named. Salaries are exposed for all to see. And that’s just the mundane stuff in comparison to what else has been released.

Source: RedditSource: RedditThe websites hosting the content alluded to have now for the most part been removed. It would be too much heat for any site to withstand -- breaking multiple laws, exposing confidential information, and the fruit of an illegal act. The information is still out there however, allegedly as a torrent download. In other words, it’s now out there forever.

This information covers just about every level of the corporation and is a true security nightmare. You can't change your social security number or date of birth. Pair these items with work phone numbers and addresses, and it is ready-made for a cyber crook to plunder the employees' accounts. Sony has offered all of the affected staff a one year subscription to fraud prevention services. Many, including myself, think this is merely a token gesture.

From what has been reported on the web, Sony didn’t even appear to apply token levels of security. To be able to penetrate an entire corporation of that size, including the HR and Finance functions, speaks volumes about the lack of security. It is surprising that Sony left the gates so wide open, given that it had its flagship product, the Playstation network, hacked within last two years.

The repercussions are still being felt; the hack even took out the Sony gym. Vending carts around the studios went cash-only for the foreseeable future. BYOD devices are at present banned with no return date. Internet access is severely restricted, with no file transfer capability. Stories that secretaries are having to Fedex scripts and move files with USB keys are being spoken of in hushed tones. Red badges, or "contractors" to the rest of us, apparently are experiencing problems getting paid.

In parting, let me leave you with one other important fact. The data released so far, although effectively laying a lot of secrets bare, is allegedly only the start. Rumor has it that there is 100TB of data that has been stolen. If true, this could just be the beginning of the nightmare.

  

Comments