Sonypictures Admits Data Security Incident
Sony Pictures Entertainment (SPE) has provided notice to the approximately 37,500 people who may have had some personally identifiable information stolen during the recent attack on sonypictures.com.
The company said that the stolen information did not include any credit card information, social security numbers or driver license numbers.
Behind the hack against Sony is LulzSec, a group that claims attacks on U.S. PBS television and Fox.com. The group on the 2nd of June said that it broke into servers that run Sony Pictures Entertainment websites. SPE said that it learned they were the target of a cyberattack by the press, when the hacker claimed that he had recently broken into sonypictures.com. Upon learning of this cyberattack, SPE's team retained outside experts to conduct an investigation and forensic analysis. In addition, the company promptly took offline all potentially affected databases containing personally identifiable information and contacted the U.S. Federal Bureau of Investigation.
"We are working with the FBI to assist in the identification of those responsible for this crime," SPE said.
"We believe that one or more unauthorized persons may have obtained some or all of the following information that you may have provided to us in connection with certain promotions or sweepstakes: name, address, email address, telephone number, gender, date of birth, and website password and user name," SPE added.
The company encourages users to be aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony Pictures Entertainment added that it would not contact users by email or otherwise to ask for their credit card number or social security number.
"If you are asked for this information, you can be confident Sony Pictures Entertainment is not the entity asking," the company said.
SPE also recommend users log on and change their password once the once the services are restored.
Behind the hack against Sony is LulzSec, a group that claims attacks on U.S. PBS television and Fox.com. The group on the 2nd of June said that it broke into servers that run Sony Pictures Entertainment websites. SPE said that it learned they were the target of a cyberattack by the press, when the hacker claimed that he had recently broken into sonypictures.com. Upon learning of this cyberattack, SPE's team retained outside experts to conduct an investigation and forensic analysis. In addition, the company promptly took offline all potentially affected databases containing personally identifiable information and contacted the U.S. Federal Bureau of Investigation.
"We are working with the FBI to assist in the identification of those responsible for this crime," SPE said.
"We believe that one or more unauthorized persons may have obtained some or all of the following information that you may have provided to us in connection with certain promotions or sweepstakes: name, address, email address, telephone number, gender, date of birth, and website password and user name," SPE added.
The company encourages users to be aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony Pictures Entertainment added that it would not contact users by email or otherwise to ask for their credit card number or social security number.
"If you are asked for this information, you can be confident Sony Pictures Entertainment is not the entity asking," the company said.
SPE also recommend users log on and change their password once the once the services are restored.