Corporate network pulled offline Credit: REUTERS/Yuya Shino UPDATE 4:This story has been updated in a new article, which is available here.UPDATE 3:Earlier this evening, an email was sent to Salted Hash from someone claiming to be an employee of Sony Pictures. The email used broken English, which would normally raise red flags, but the image attached to the curious message shows an alternate look at the message left on Sony Picture’s network, lending some credibility to the claim that it came from someone on the inside. However, this cannot be confirmed fully.The image shows the second half of the message left by GOP, the group that is taking credit for the security incident, which tells Sony Pictures how initiate contact with their attackers. The newest details are printed below, complete with typos. Post an email address and the following sentence on your twitter and facebook, and we’ll contact the email address.“Thanks a lot to God’sApstls contributing your great effort to peace of the world.”And even if you just try to seek out who we are, all of your data will be released at once.UPDATE 2:In a statement, a Sony Pictures Entertainment spokesperson offered a single answer to questions: “We are investigating an IT matter.”UPDATE:Sources close to the situation have told Salted Hash that they were within earshot when the director of the internal IT security team at Sony Pictures was informed about the compromise.After notification, employees were told to turn their computers off, disable Wi-Fi on their mobile devices, and to refrain from accessing the corporate VPN. We’re unable to confirm, but there are reports that some staff have been told to go home for the day, and others are being told to wait for access to be restored.Original Article:Sony Pictures is said to be in the middle of a security incident, based on reports from employees, after a group calling themselves GOP (Guardians of Peace) left a threatening message that was displayed on monitors across the network on Monday.The message is below:Hacked By #GOP Warning: We’ve already warned you, and this is just a beginning. We continue till our request be met. We’ve obtained all your Internal data, Including your secrets and top secret [clip] If you don’t obey us, we’ll release data shown below to the world. Determine what will you do till November the 24th, 11:00 PM (GMT).It’s said that Sony has disabled their corporate network in order to deal with this situation. Salted Hash has reached out to them for comment, in order to get a better understanding of the situation, but there was no response by deadline. Users on Reddit have downloaded the file referenced by the GOP, which contains lists of data allegedly compromised by the group. Salted Hash has seen the file promoted by GOP, and can confirm the findings on Reddit in full.Among the items reported as compromised, GOP says they’ve accessed private key files; source code files (CPP), password files (including passwords for Oracle and SQL databases), inventory lists for hardware and other assets, production outlines and templates, as well as production schedules and notes.According to the warning GOP says they plan to publish the compromised data later this evening. This story will be updated with further developments. Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe