clock menu more-arrow no yes mobile

Filed under:

Sony Hack: What You Missed

A chronology of the worst corporate hack in recent memory

Vjeran Pavic for Re/code

On Nov. 24, a group of hackers calling themselves the Guardians of Peace unveiled the mother of all hacks: The break-in of the computer networks of Sony Pictures Entertainment. The group has claimed to have stolen just about everything and has steadily released a huge trove of emails from senior executives, the personal information of its employees, secrets about upcoming projects and five feature films. In all, the group said it has under 100 terabytes of data that it has disclosed periodically.

Shortly after the initial hack, Re/code reported North Korea was under investigation for the attack. The reclusive state had promised “merciless retaliation” for Sony’s upcoming film, “The Interview.”

Here’s what happened:

  • November 28: Re/code learned from sources that hackers working on behalf of the North Korean government were suspected of possible involvement in the Nov. 24 cyber attack against Sony Pictures Entertainment. This was when it was made public that Sony and security consultants were looking into whether this was a North Korean reprisal for the Sony-produced movie “The Interview,” in which North Korean dictator Kim Jong-un is assassinated by the CIA.
  • December 1: Though it wasn’t confirmed whether North Korea was behind the breach, everything we know about the country’s hacking capabilities suggests that it has the means to do some serious damage.
  • December 5: The hacking scandal took a turn for the scary, as some Sony Pictures Entertainment employees received a message from the hackers behind the breach, threatening to put their families “in danger.”
  • December 7: In a statement issued on Dec. 6, the North Korean government denied any involvement in the hack, but said the “supporters and sympathizers” behind it were performing a “righteous deed.”
  • December 9: Months before Sony was hit by hackers, emails revealed by the hackers show that company executives were concerned over the ending of “The Interview,” responding to Japanese fears of depicting the gory death of Kim Jong-un on screen. Emails between Sony Pictures Entertainment co-chairman Amy Pascal and “Interview” star Seth Rogen show frantic, last-minute back-and-forths in early October as Pascal and Rogen worked to placate Sony bosses.
  • December 10: After getting pummeled by the hackers, who stole just under 100 terabytes of company data, Sony Pictures Entertainment retaliated and aimed to stem the tide of illegal downloads of stolen Sony movies.
  • December 12: An audit of Sony conducted by PricewaterhouseCoopers found major gaps in the company’s cyber security infrastructure, months before the late November hack. Documents obtained by Re/code show that Sony Pictures failed to ensure the company’s corporate security division was monitoring all vulnerable company devices.
  • December 14: Re/code’s Dawn Chmielewski noted Hollywood’s historically difficult relationship with technology and how the cyber attacks have likely changed Tinseltown forever.
  • December 14: A lawyer representing Sony Pictures Entertainment sent a three-page letter to multiple media organizations (including Re/code, the New York Times and Gawker) ordering them to stop publishing information obtained from the hackers and get rid of existing copies. The letter states that Sony will hold those who continue publishing the information accountable for damage incurred.
  • December 16: In a note accompanying a trove of stolen documents, the hackers threatened a terrorist attack (referencing September 11th by name) targeting movie theaters screening “The Interview” across the country. Thus, a corporate crime became a matter of national security. Sony later disclosed it was coordinating with the FBI and Department of Homeland Security.
  • December 16: Lawyers representing former employees of Sony Pictures Entertainment sued the company for failure to properly secure confidential employee information.
  • December 17: With memories of the 2012 shooting in Aurora, Colo., rival studios urged theaters to not show the movie. Sony pulled the movie a few hours later.
  • December 19: In an email sent to Sony Entertainment boss Michael Lynton on Thursday night, the hackers threatened to continue releasing private Sony information unless the company ensured that “The Interview” never be released. This was in addition to the previous demand for the cancellation of the movie’s Dec. 25 release date.
  • December 19: The FBI identified North Korea as the culprit behind the Sony hack, citing a technical analysis that revealed similarities between this hack and others with confirmed North Korean involvement.
  • December 19: President Obama said Sony’s response to the hackers was a mistake. Sony blamed theater owners and other distributors for failing to volunteer to make the movie available. In his first major interview since the break-in, Lynton told CNN that it had no choice because it does not have a “direct interface with the American public,” apparently unaware that Sony owns Crackle, a movie streaming service, and, which sells digital movies.
  • December 22: Internet researchers told Re/code that North Korean networks “are under some kind of duress,” likely evidence of denial of service attacks directed at the tiny country’s servers by anonymous hackers. The White House had no comment.
  • December 22: Sony lawyers sent a letter to Twitter, threatening to sue the company if users continue to tweet out the contents of messages stolen in the hack.
  • December 23: After an overnight recovery, North Korean internet connections continued to suffer major disruptions for a second day.
  • December 23: Although Sony initially canceled all screenings of “The Interview,” the studio has now given the green light for a “limited theatrical release” on Christmas Day.
  • December 24: Sony now plans to make the movie available for rent online (both on its own site and on Google) — a move the studio normally wouldn’t have made but still a milestone for Hollywood.
  • January 18: Turns out the NSA has been hacking North Korea since 2010, according to the New York Times. That’s how the U.S. blamed North Korea so quickly after the Sony hack.

This article originally appeared on