The reach of a major cyberattack on Sony Pictures has expanded beyond the entertainment giant, exposing Deloitte employee salary information from 2005, a new report claims.
On Wednesday, Fusion disclosed that attackers leaked the information of more than 30,000 employees at the New York-based auditing and professional services firm. The incident appeared to be collateral damage in the Sony hack, where files from one compromised computer, apparently belonging to an employee in Sony’s human resources department, were pilfered, the outlet said.
“While the person appears to be currently employed in human resources at Sony Pictures, the employee had previously worked at Deloitte, and had saved some files,” Fusion reported. “These were exfiltrated with the other documents by the alleged hackers, who call themselves Guardians of Peace.”
The stolen spreadsheet allegedly contained the salary information of 31,124 Deloitte employees in the U.S., including the race, gender, and title of workers, though no names were listed with each entry.
Since last week, details on the extent of the Sony Pictures attack have continued emerge, including how the breach crippled Sony’s network operations, exposed sensitive employee data belonging to thousands, and resulted in the leak of Sony films, both released and yet to hit theaters.
On Wednesday, Re/code reported that Sony Pictures would soon name North Korea as the source of the major attack, but the same day, a spokeswoman at Sony told Variety that the story was “not accurate,” and that the company continues to investigate the “very sophisticated cyber attack.”
Reports recently surfaced on the possible involvement of North Korea in the Sony attack, given the timing of Sony’s film, “The Interview,” a comedy about a planned assassination on North Korean leader Kim Jong Un, which is slated for a Christmas release.