Stolen emails reveal lapses in Sony security practices

WASHINGTON (AP) — Stolen emails show that Sony Pictures Entertainment suffered significant technology outages in the weeks before a hacker break-in. The studio blamed software flaws and incompetent technical staffers who weren’t paying attention, even as hackers targeted executives to trick them into revealing their online credentials.

The emails also show that Sony Pictures’ chief executive was regularly reminded in unsecure emails of his own secret passwords for his and his family’s mail, banking, travel and shopping accounts.

The stolen files don’t reveal how hackers broke into Sony, who was involved or their motives. But they expose lax security practices inside Sony that include pasting passwords into emails, using easy-to-guess passwords and failing to encrypt especially sensitive materials. That includes confidential salary and revenue figures, strategic plans and medical information about some employees.

blog comments powered by Disqus