Hackers may have stolen personal information pertaining to tens of thousands of Sony employees, cybersecurity expert and former Washington Post reporter Brian Krebs said on Tuesday.
Last week, Sony Pictures Entertainment’s website went down after its computer systems had been hacked, resulting in the leak of several unreleased movies, including Jay Z’s “Annie” reboot, among others.
But, according to Krebs, those hackers stole much more than unreleased movies. Multiple sources have told him that more than 25GB of personal data on Sony employees have been breached.
This data includes Social Security numbers, medical information, and salaries, according to Krebs.
Files currently being traded on torrent networks include a global list of Sony employees complete with names, locations, employee IDs, network usernames, base salaries, and birth dates for more than 6,000 employees. Krebs says he has seen this list himself.
Additionally, a separate file being traded online reveals names, birthdays, Social Security numbers, and health savings account data for about 700 employees. The document is dates back to April of this year, according to Krebs.
A group calling themselves the “Guardians of Peace,” or GOP for short, is believed to be behind the massive attack.
The North Korean government refused to deny allegations that the country may be behind the security breach, according to the BBC. When asked if North Korea was involved in the incident, a spokesperson said “Wait and see.”
We’ve reached out to Sony for more information on the situation and will update this article accordingly if we hear back.