Everything You Need to Know About Sony's Unprecedented Hacking Disaster
Japanese electronics and entertainment giant Sony was hacked last month. What does that really mean? Is it as bad as freaked out people on CNN say? Who did it? North Korea!? Why? Here's everything you need to know.
We've started a unique pop-up blog—http://sonyhack.gawker.com—to collect reporting and writing about the hack from Gawker, Gizmodo, and their Gawker Media sister sites. Check it for updates on the story, and look below for all the background and context you need—as well as a list of some of the biggest and best stories.
Sony was hacked sometime last month...
The Los Angeles Times reported that Sony's servers had been breached on November 24th, treating Sony Pictures Entertainment employees to a skull image on their computer screens and allowing a third party to download an enormous amount of data without being detected. Literally every day since then has been a day of bad news for the company—including the discovery that this is the second time this year that Sony's server's were invaded.
...but no one knows who did it.
Although there's been a great deal of speculation that North Korea is behind "Guardians of Peace" hacker group as a form of revenge for The Interview, there's no actual proof—though it does make for a terrific plot for the eventual movie adaptation of the corporate crisis. The country has denied involvement, the FBI says there's no sign North Korea did it, and the whole theory is just a little too tidy as a narrative. On the other hand, some of the software possibly used in the breach resembles software used in a previous North Korean online assault.
Bottom line: no one is sure except whoever did it.
Sony made it easy for the hackers, though.
One of the big revelations in this leak is just how poorly Sony protected its internal information—for instance, personal passwords were stored en masse in unprotected text documents.
We also know that Sony was hacked earlier this year, and decided to keep it a secret.
Now the hacked data is available to anyone with a computer and an internet connection.
Every release of hacked data has been made easily downloadable via torrent, with links to each torrent file published on anonymous text sites like Pastebin and GitHub.
The hackers have released everything from emails to financial documents to employees' personal information...
Sensitive (and embarrassing) internal emails have nabbed most headlines, but the Guardians of Peace have leaked confidential marketing materials, proprietary Sony financial data, employee social security numbers, and many other forms of sensitive info—over 150 gigabytes of it.
...and they claim they have enough information to leak for years.
A Guardians of Peace statement at the start of the leak onslaught claimed they'd exfiltrated around 100 terabytes of Sony data. If that's true—and they haven't lied to us yet—they could keep leaking at this pace for many, many years to come. It's enough to fill up about a hundred brand new iMacs.
The leaks have been tremendously embarrassing for Sony already...
We've seen top execs trade casually racist emails, trash celebs, and despair over how bad their own movies are.
...and the ad hoc ass-covering has begun.
Sony Pictures co-chair Amy Pascal and producer Scott Rudin have both issued apologies over their childish email exchanges, and the New York Daily News hears Pascal could be on the chopping block. Some stars implicated in the leaks, like Kevin "Whore" Hart and Seth "Bad Movie" Rogen, have commented as well.
The "Guardians of Peace" also threatened to physically attack theaters showing The Interview.
Complete with a 9/11 comparison.
Which resulted in Sony canceling the entire movie.
This is a major victory of the Guardians of Peace—whoever they are—and an unprecedented move by a movie studio.
The Guardians of Peace say they're satisfied, for now, as long as Sony deletes every bit of material related to The Interview from the internet.
And Sony is going along with it.
Since news of the hack first broke, Sony has handled the fallout terribly...
Other than going into locked-down corporate turtle mode and hiring an IT consultant, Sony hasn't handled this public crisis with much public grace. Over the weekend, a slew of media outlets (including Gawker) received threatening legal notes from Sony's counsel, demanding that we all delete the leaked data and basically pretend it all never happened.
The possibly broke Aaron Sorkin added, via New York Times editorial, that reporting on the hacks or the hacked materials "is morally treasonous and spectacularly dishonorable."
...but the FBI is investigating on its own.
The feds are impressed by the sophistication of the attack. According to Variety:
"The malware that was used would have slipped, probably would have gotten past 90% of the net defenses that are out there today in private industry, and I would challenge to even say government," Joseph Demarest, assistant director of the FBI's cyberdivision, told members of the Senate Banking, Housing and Urban Affairs Committee, on Wednesday.
So, what's actually in this leaked data? What have we learned so far? Where can I learn more?
We're still sifting through tens of thousands of emails and gigabytes of spreadsheets, but so far we've learned a lot about the people who run a giant multinational corporation. You can read our reporting here and on sonyhack.gawker.com, where we'll be collecting coverage from all of the Gawker Media sites..
Here are the biggest revelations so far:
The company's attempt at the Steve Jobs biopic was a total disaster.
At least one Sony exec thinks Kevin Hart is a "whore."
Sony Pictures co-chair Amy Pascal has a strange relationship with journalist Nikki Finke.
The company's servers were compromised back in February, but they chose not to tell anyone.
Sony Pictures co-chair Amy Pascal has a strange relationship with the New York Times.
Sony has faced some serious allegations of corporate sexual harassment and racism.
Aaron Sorkin may or may not be broke and horny.
The next James Bond film is an expensive mess.
Sony executives find the Smith children as annoying as the rest of us.
Sony knew it was keeping millions of personal records without any encryption.
A forthcoming Cameron Crowe/Bradley Cooper film is a mess, too.
Lots of Sony Pictures employees are sick of the studio releasing shitty Adam Sandler movies.
If North Korea actually is behind the attack, the movie that pissed them off so much in the first place is a total turd.