Just arrived back to the US after a trip to Australia and as many of you know, there was quite a big story concerning a data security breach at Sony Pictures. A text file was released containing a huge list of names of file the hackers claimed to have and it seemed to be pretty legitimate. Names of various employees over the years were in the file (including mine as I was a former Imageworks employee).
I’m not posting the file but you could probably ask around and get a copy. Anyone with simple linux skills can grep through the file to search the file names. If we are to assume the file names describe what kind of information is in there then it seems the data breach is incredibly serious as personal and private information for Sony Picture employees concerning immigration, pay roll, social security, deal memos, evaluation, and so on are included.
Even sensitive corporate information is in the list of files which reaches about 40 million by my count. Over 5000 files refer to the term tax credits. Over 10000 files refer to the term Imageworks. Those files include meeting notes, executive power point decks, and all kinds of financial information.
The question is do the hackers really have the files in question? It sure seems like it after today it was revealed that 25GB of data are being shared by the hackers and it included compensation info of Sony employees. The hackers are also claiming they have TBs of more information. All I’ve heard that Sony is doing in the face of this so far is offering current employees free identity theft protection services for one year. Not sure if former employees are getting the same. I’ve posted the email sent to employees above.