This article was published on December 3, 2014

New Sony Pictures leak appears to contain lists of passwords in plain text, security certificates


New Sony Pictures leak appears to contain lists of passwords in plain text, security certificates

Today, we received an email tipping us off to a new leak from GOP, the group claiming to have attacked Sony Pictures last week.

Screen_Shot_2014-12-04_at_10_33_44_am

The new dump of files appears to be a collection of Sony’s security certificates, signing keys, private keys for accessing servers and endless lists of passwords in plain-text spreadsheets.

Reportedly found in a folder called “Password,” a huge list of Excel files (many of which are unprotected) contained scores of what appear to be passwords for almost every system imaginable, from phones to AMEX logins and more.

FTP_LOGIN_PASSWORD_SHEET

One file called “computer passwords” reportedly appeared to contain user credentials for logging onto the corporate network, while another entitled “Social Password Log” contains passwords for movie accounts on social media, which is likely how hackers compromised many movie accounts.

As Sony fights to regain control of its network, the company is attempting to figure out who to point the finger at for the attacks. The latest reports suggest North Korea may be named, however Sony downplayed this in a comment today.

We’ve contacted Sony Pictures and will update if we hear back.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with


Published
Back to top