Skip to main content

Sony embarrassed: 'hiding in plain sight' IT security strategy has proven useless

Sony Pictures Entertainment faces being left completely red-faced after reports began to emerge that it contributed to its latest data breach by storing thousands of passwords in a folder entitled “Password”.

Personal details of some 47,000 employees and actors have been leaked online in recent days and the much-publicised leak contains confidential details including social security numbers and reams of other tidbits, according to The Telegraph.

The controversially named “Password” folder contains 139 Word documents, Excel spreadsheets, zip files and PDFs that give access to passwords and usernames for everything from internal computers to social media accounts.

One of those files, which has been seen by BuzzFeed, contains scores of usernames and passwords to various social media accounts thus giving anyone easy access to Facebook, MySpace, YouTube and Twitter accounts linked to the firm.

Sony hasn’t spoken publicly about the hack and the only noises came in an internal company-wide memo from CEO Michael Lynton and co-chairman Amy Pascal that called it a “brazen attack on our company, our employees and our business partners”.

Sony’s leak comes at the same time that a clutch of high profile upcoming films were made available online with many reports pointing the finger at North Korea in retaliation for an upcoming film that pokes fun at the country.

Since then, the country has come out to deny that it is responsible for the hack and called claims that it had anything to do with it "another fabrication targeting the country".

The film in question, The Interview, stars Seth Rogan and James Franco and centers on a fictional plot by the US government to assassinate North Korea’s leader, who bears an uncanny resemblance to the real life leader Kim Jong-un.

Employees at Sony Pictures, who are some of the worst affected, aren’t likely to be surprised at the leak given that former workers told Fusion that the company’s “long-running lax attitude towards security” is likely to blame.

Jamie Hinks

Jamie is a freelance writer with over eight years experience writing for online audiences about technology and other topics. In his time writing for ITProPortal he wrote daily news stories covering the IT industry and the worldwide technology market, as well as features that covered every part of the IT market, from the latest start ups to multinational companies and everything encompassed by the IT sector. He has also written tech content for our sister publication, TechRadar Pro. Jamie has since moved into sports betting content and is Content Manager at Betbull.