Hackers find Sony passwords in a folder named ‘Password’

6

Last week’s cyber attack on Sony Pictures Entertainment reveals the company’s rather flimsy approach to internet security.

After Sony announced it had recently been the victim of a cyber attack which saw unreleased movies and trailers, as well as confidential information of more than 40,000 employees leaked to the public, further details have emerged of the incident in what some are calling the most embarrassing corporate cyber attack of all time.

According to a new batch of documents leaked online, someone at Sony thought it would be wise to save thousands of company passwords in a folder named ‘Password’.

Inside the folder was 139 Word documents, PDF’s, Zip files and spreadsheets containing the usernames and passwords to not only the company’s internal servers but also to their social media and web services accounts.

Most of these files were saved in documents without any password protection whatsoever, according to Buzzfeed. Other documents, which were clearly labelled YouTube, Twitter and Facebook, contained hundreds of usernames and passwords for the social accounts of some of Sony’s most popular motion pictures.

Earlier this week Sony had released a statement to say the incident was a brazen attack on the company, its employees and business partners.

One former Sony employee who was interviewed by Fusion said the cyber attack was not surprising given the company’s long standing lax attitude to online security.

Apparently, the company did regular risk assessments and audits to highlight potential vulnerabilities with their online security, but failed to act on the advice given to them.

This latest embarrassing episode in the story comes after it had earlier been revealed that the social security numbers of the likes of Judd Apatow, Seth Rogan, James Franco and Sylvester Stallone part of the confidential data leaked in the attack.

It has been speculated that North Korean hackers are responsible for the attack, which is said to be in response to the upcoming release of a movie called The Interview, which depicts the assassination attempt of Kim Jong-un, although North Korea has denied any involvement in the hacking of Sony.

Share.

6 Comments

  1. this really look funny
    None of the normal user will never save their password in document file or spreadsheet

  2. Pingback: Sony cyber attack traced to Bangkok hotel

  3. PhakaratJaruprakas on

    Was this a duplicate file, made by an insider? There have been reports (and common sense dictates) this would have only been pulled off with the ease and timeliness that suggests the door was left open/unlocked. All it would take is $200K (or maybe less) to pay off a disgruntled IT gal/dude. I hope SONY does not use this as a reason to slow down or cut on the IT/Animation build-up they’ve done in TH the last few years.

  4. Pingback: Hackers demand Sony pulls comedy movie about North Korea

  5. Steve Abbott on

    I remember that after the Cold War, some guy Subpeona(d) the American government ( freedom of information act) for the passcode for America’s nuclear armament…….It was 1234

  6. Pingback: Please don’t be so stupid as to use any of these passwords