DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

More from the Sony Pictures hack: Budgets, Layoffs, HR scripts, and 3,800 SSN

Posted on December 3, 2014 by Dissent

Kevin Roose reports:

Yesterday, I reported on a spreadsheet apparently taken from Sony Pictures Entertainment, one of the largest and most powerful studios in Hollywood, by a group of hackers calling themselves Guardians of Peace. The document, which listed the names, titles, and salaries of more than 6,000 Sony Pictures employees including senior executives (and may have revealed a gender pay discrepancy), appears to be part of an enormous data breach that hit the studio last week, forcing them to shutter computer systems, move employees to paper and pencils, and call in the FBI and private security researchers to investigate the hack.

[…]

Here are just a few of the revelations I found in the leaked archives – most in normal, unencrypted Excel and Word files, labeled as plain as day:

A spreadsheet listing the names, birth dates, and social security numbers of 3,803 Sony Pictures employees, including all of the company’s top executives. (Happy birthday, Wendy!)

A spreadsheet listing the division-by-division Sony Pictures payroll, as well as breaking down costs for raises and other pay changes. (The company’s total salaries, as of May, were listed at $454,224,070.)

A spreadsheet listing Sony Pictures employees who were fired or laid off in 2014 as part of the company’s reorganization, along with the reasons for their termination. Also on this spreadsheet: estimates of “TOTAL COST TO SEVER,” or the amount Sony Pictures calculated it had to pay to terminate each person’s employment, including severance pay, COBRA health benefits, and outplacement costs.

Read more on Fusion.

Today, the Hollywood Reporter reports:

Sony Pictures Entertainment chiefs Michael Lynton and Amy Pascal have released a memo to staff addressing a recent hack against the company. The memo, which was sent to all of Sony’s approximately 6,600 employees, is an apparent admission that information leaked online this week is accurate.

Acknowledging that “a large amount of confidential Sony Pictures Entertainment data has been stolen by the cyber attackers, including personnel information,” Lynton and Pascal sent a message to the company’s employees reassuring them that “the privacy and security of our employees are of real concern to us” and offering them identity protection services.

Read more on Yahoo!

Once again, it seems, Sony is playing catch-up in communications. Given recent revelations by Brian Krebs and Kevin Roose, it needs to get its PR team in high gear to issue a press release that confirms what it already knows.

Category: Business SectorHackOf NoteU.S.

Post navigation

← National Notification Law Unlikely
Former college professor/FBI informant indicted on federal charges of credit card fraud, identity theft →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Credit Control Corporation data allegedly from 9.1 million consumers listed for sale on forum
  • Copilot AI Bug Could Leak Sensitive Data via Email Prompts
  • FTC Provides Guidance on Updated Safeguards Rule
  • Sentara Health terminates remote employees after realizing they couldn’t be sure who was doing the work.
  • Hackers Break Into Car Sharing App, 8.4 Million Users Affected
  • Cyberattack pushes German napkin company into insolvency
  • WMATA Train Operators Arrested in Health Care Fraud Scheme
  • Washington Post investigating cyberattack on journalists, WSJ reports
  • Resource: State Data Breach Notification Laws – June 2025
  • WestJet investigates cyberattack disrupting internal systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Vermont signs Kids Code into law, faces legal challenges
  • Data Categories and Surveillance Pricing: Ferguson’s Nuanced Approach to Privacy Innovation
  • Anne Wojcicki Wins Bidding for 23andMe
  • Would you — or wouldn’t you?
  • New York passes a bill to prevent AI-fueled disasters
  • Synthetic Data and the Illusion of Privacy: Legal Risks of Using De-Identified AI Training Sets
  • States sue to block the sale of genetic data collected by DNA testing company 23andMe

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.