As Sony Pictures fights an uphill battle, working to minimize the post-breach damage while leaks continue to surface, the company's legal team has delivered a stern message to media covering the developments.
So far, a number of major publications, including The New York Times and The Hollywood Reporter, along with security journalist Brian Krebs, have received a three-page letter from Sony's attorney David Boies requesting that they destroy “stolen information” being disseminated in the Sony attack.
On Sunday, Re/code, which also received the request, published the letter in full.
“We are writing to ensure that you are aware that SPE [Sony Pictures Entertainment] does not consent to your possession, review, copying, dissemination, publication, uploading, downloading, or making any use of the stolen information, and to request your cooperation in destroying the stolen information,” the letter reads.
Boies also demanded that reporters notify the law firm, “as soon as you suspect that you may have possession of any of the stolen information,” and after destroying it, “confirm that such destruction has been completed.”
“If you do not comply with this request, and the stolen information is used or disseminated by you in any manner, SPE will have no choice but to hold you responsible for any damage or loss arising from use or dissemination by you…,” the letter warned.
This weekend, almost in tandem with Sony's counsel's warning, more leaks reportedly surfaced, including a draft of the screenplay for the next James Bond movie, “Spectre,” and emails belonging to Sony Pictures Releasing International President Steven O'Dell.
While hackers promise that more information will be dumped, particularly another trove of data Christmas day, the extent of the information exposed by the Sony breach, announced Nov. 24, is already quite extensive. One firm, Identity Finder, assessed the damage and estimated that more than 47,000 Social Security numbers were stolen from the entertainment giant. Previously, it was reported that corporate data, including employee birth dates, medical information, login credentials and sensitive human resources data (like salaries and information on terminations) was exposed. Several Sony films, including “Annie,” were also leaked online.
Mark Grossman, an attorney who chairs the technology law group at Tannenbaum Helpern Syracuse & Hirschtritt, told SCMagazine.com in a Monday interview that Sony is “really grasping at straws and trying to intimidate news organizations into not publishing the illegally obtained information.”
“Even if it's Social Security numbers that were stolen, Sony doesn't necessarily have that onus to bring that lawsuit. The owner of the Social Security number would have to [do that]. So they even have diminished rights there,” he said of the company.