One expects a seasoned media conglomerate to be careful with its passwords, but news has come out that Sony kept thousands of its passwords in an aptly titled folder "Passwords," meaning North Korean hackers had no problem in knowing where to go to steal that data.
The hermit kingdom's hackers recently stole thousands of private files from Sony's computers and then leaked it online. Among the leaked classified data are Social Security numbers of around 47,000 Sony employees and others, including celebrities such as Sylvester Stallone, Judd Apatow and Rebel Wilson – all of which were leaked online on Thursday.
Also stolen was the said "Password" file directory, which contained more than a 100 Word documents, Excel spreadsheets, zip files, and PDFs containing thousands of passwords to Sony Pictures’ internal computers, social media accounts and web services accounts. And as Buzzfeed found out, there wasn't even a hint of any security on any if the documents. Moreover, account credentials in most cases were so simple that any hacker worth his salt could’ve cracked it without breaking a sweat.
Aware of their blunder, Sony was probably expecting the leak, which explains their reluctance to address the hack. However, reports have come out that despite their calm facade, Sony Pictures Entertainment CEO Michael Lynton and co-chairman Amy Pascal sent out memos to their staff, dubbing the theft a “brazen attack on our company, our employees and our business partners.”
For a company of Sony’s size and history to be this lax with their security in this day and age is frightening. Let’s hope that they learn from this and take measures to avoid any similar incidents in future.