Skip to main content

Sony Pictures was secretly attacked in February

Sony Pictures was secretly attacked in February

Share this story

New details from the Sony leaks suggest the studio may have faced compromise long before its recent breach. Emails published by Gawker indicate that some Sony servers had been infected with malware in February, a full nine months before the more recent attack. The breach specifically targeted SpiritWORLD, a system used to distribute media and financial information across the world on behalf of Sony Pictures. It's unclear whether the two compromises are related, but Gawker notes that the data in the February breach was exfiltrated from Brazil, and a large number of the initial documents concerned Brazilian markets.

The attack may simply be a coincidence, particularly given the widespread security failures detailed at Sony Pictures, but given the timing, it seems unlikely that the February attack can be linked to North Korea. (Kim Jong-un did not raise concerns about The Interview until June, shortly after the general plot of the film became public.) The studio also went to great lengths to keep the attack a secret, and there's little indication that internal security was reassessed in the wake of the attack.