No organization is exempt from security hacks, not even the ones reporting them. Two of the biggest media hacks included the Washington Post and Sony Pictures. While you might not think that downloading and distributing unreleased films can be detrimental, the hackers didn’t stop there with Sony. For the Washington Post, the recent security breach wasn’t quite as detrimental.\
Hackers Accessed 1.27 Million Account Details from the Washington Post
While newspapers like the Washington Post may not store a lot of personal information, hackers sought to target the paper’s online job boards. In June of 2011, hackers were able to gain access to roughly 1.27 million accounts. The information that was stolen included account IDs and email addresses for those concerned.
The Post claims that the problem is now resolved and that no other information was taken. However, account users are warned that they may receive spam emails as a result of this attack. In recent months before this event, Fox.com and PBS.org were targeted by similar attacks.
Fortunately, the amount of data stolen in this case was miniscule. Resetting the login credentials is fairly easy to do to prevent unauthorized account access. And most users are already leery of phishing emails that are sent to them.
No financial or otherwise sensitive information was stolen during the hack. Nevertheless, this attack served as a nudge for the Washington Post to evaluate its job site security network and implement additional cybersecurity measures to prevent similar attacks in the future.
Hackers Stole 100 TB of Data from Sony Pictures
In December 2014, hackers released 40 GB of data stolen from Sony Pictures. The information was made readily available on the Internet and sent to different media outlets, including BuzzFeed. It’s unclear what the true objective of the hackers was, but it’s possible that they were connected with the North Korean government.
When asked by BBC whether the North Korean government was responsible for what may be the most encompassing and embarrassing hack of all times, the government official responded “Wait and see”. If that country is indeed involved, it could be due to the upcoming comedy film “The Interview”, which is built around an attempt to assassinate North Korean leader Kim Jong-un.
Regardless of who is responsible for hacking into Sony’s database, the fact that they were able to do so is more than embarrassing for the company. After all, Sony PlayStation online gaming networks were hacked only 3-½ years prior. The previous leak affected over 25 million customers.
Unfortunately for the company, it turns out that enlisting three independent computer security and forensic consulting firms to assess the damage and find the culprit did nothing to prevent the most recent hack. Apparently, the information now available online sat on company servers without encryption.
The sheer volume of data the hackers were able to access is quite unbelievable. In addition to unreleased films, hackers were able to view salaries and bonuses of 6,800 staff members, Social Security numbers for 3,800 employees, email exchanges with emails regarding medical treatments, disciplinary letters, performance evaluations, and more.
Even trivial information can be found as well as information that has nothing to do with Sony itself. For example, the hack revealed a document outlining the breastfeeding diet of a senior executive.
According to an internal email Sony sent to its employees, the company warns everyone that any information Sony possesses about its employees may now be in the hands of hackers available for potential misuse.
Security Breaches in the Media
While Sony Pictures probably won’t suffer significant box office losses due to the stolen unreleased films, the financial costs of the attack are difficult to estimate. This incident, along with the cyberattacks targeting Sony PlayStation in 2011, may lead to consumers questioning Sony’s ability to keep information safe and secure. And we all know that implementing security measures doesn’t come cheaply without the loss of employee and customer goodwill.
While the hackers retrieved a large amount of data from Sony, it’s still unclear whether it will do them any good. And while the files included personal information on many of Sony’s employees, hackers probably won’t have any use for most of the other data. While Sony will be under public scrutiny for a long time, it’s unclear what the repercussions for the company will be as a result of this leak.
Taking Steps to Prevent Data Loss
It’s inconceivable that Sony Pictures would store large amounts of data on an unencrypted server. It’s also unclear how a company of that magnitude wouldn’t implement and audit cybersecurity measures on a more regular basis. Hopefully, the third time won’t be a charm for Sony, and they’ll learn their lesson.
Preventing data loss is not as difficult as it sounds, and encrypting information is not difficult to do. At eFileCabinet, we encrypt all of your information because you deem it important enough to save. And to prevent unauthorized access to your files, you have the ability to set up user-based roles, ensuring the safety and security of your company’s files.