Connect with us

Hi, what are you looking for?



Sony Hackers Dump Personal Data on 47,000 People, Celebs Included

The attackers behind the recent devastating hack against Sony have leaked what appears to be sensitive personal data on roughly 47,000 individuals, including celebrities, according to a company that has analyzed the files.

The attackers behind the recent devastating hack against Sony have leaked what appears to be sensitive personal data on roughly 47,000 individuals, including celebrities, according to a company that has analyzed the files.

Sony Pictures acknowledged earlier this week that a “brazen” cyber attack resulted in hackers getting their hands on a “large amount” of confidential data, including customer information and unreleased movies, as well as employee and other corporate files.

“Some SSNs appeared in more than 400 different locations, giving hackers more opportunities to wreak havoc,” said Todd Feinman, President and CEO, Identity Finder, a firm that analyzed the files allegedly taken from Sony and released by the attackers.

After running the files though its “Sensitive Data Manager” solution, Identity Finder discovered the following buried within various leaked files:

• 601 files containing SSNs

• 75 Acrobat PDFs

• 523 Excel spreadsheets

Advertisement. Scroll to continue reading.

• 3 Word documents

• 47,426 unique SSNs

• 15,232 SSNs belonged to current or former Sony employees

• 3,253 SSNs appeared more than 100 times.

• 18 files contained between 10,860 and 22,533 SSNs each.

• 1,123,798 copies of compromised SSNs

• The SSNs appeared more than 1.1 million times inside 601 publicly-posted files stolen by hackers.

“The most concerning finding in our analysis is the sheer number of duplicate copies of Social Security numbers that existed inside the files,” Feinman said.

Most files containing SSNs were accompanied by other personally identifiable information, such as full names, dates of birth and home addresses, which creates a clear path for criminals intent on committing identity fraud, Identity Finder said.

While the exposure of sensitive personal and corporate information is embarrasing and costly for Sony, significant damage also came as a result of the destructive malware that infected many systems across the company, forcing it to shut down its network and send employees home last week.

Why are fingers pointing at North Korea?

Reports show that the hackers may have links to North Korea, and used malware similar to threats used in destructive attacks on businesses in South Korea (DarkSeoul attacks) and the Middle East, including the “Shamoon” attacks against oil producer Saudi Aramco.

The attack came after North Korea warned of “merciless retaliation” over the planned release of an upcoming film called “”The Interview,” a comedy about a CIA plot to assassinate North Korea leader Kim Jong-Un.

The FBI has launched an investigation into the attack, and also sent out a “flash alert” to warn organizations of a destructive piece of malware, assumingly the threat used against Sony.

Security firms, including Trend Micro and Kaspersky Lab, have released findings on the malware, which dive into more detail and explain some of the connections that could highlight a possible link to North Korea.  

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...