Sony Pictures, the company's film-making division, has reportedly been shut down by a malware infection that has been spread throughout its internal network by attackers claiming to have 'obtained all [the] internal data' of the company.
The attack is claimed to be the responsibility of a group known as GOP, which has made requests to the company that have not yet been made public - but, given the threats involved in the attack, are likely to be financial in nature. If these requests are not met, the group has warned the company, data captured from the internal network will be made public. A file list was shared by the group, which appears to include sensitive data including private key files for encrypted services, full dumps of SQL databases and even PDF scans of employee passports.
According to Deadline
, the first site to report the breach, Sony Pictures is at a 'standstill
' as a result of the attack, with users warned not to switch their computers on or attempt to use the network until the issue is resolved. 'We are down,
' an unnamed source told the site, completely paralysed.
' Sony itself has confirmed that it is 'investigating an IT matter,
' but has not offered official statement on the nature of the 'matter' or the operability of its internal network.
If the attackers have obtained the files contained in the list, then it's a serious breach for the company - and hardly its first. In 2011 its PlayStation Network service was breached with the loss of service and, more severely, the leaking of millions of user accounts - including credit card data. The attack cost the company millions, including a largely symbolic £250,000 fine
from the Information Commissioner's Office.