Sony's Stolen Social Media Passwords Were all Labelled 'Password'

By Gizmodo on at

By Adam Clark Estes and Ashley Feinberg

It's been a rough week for Sony execs (million-dollar salaries notwithstanding). And things are only going to get worse. Which would almost be enough to make you feel bad for the poor schmucks in IT—that is, until you realise that they hid their most sensitive password data under the label "Passwords." Can you guess what's inside?

Yep, it's thousands of usernames and passwords. Go ahead and slam your head on something hard. We'll wait.

The second trove of data snuck out sometime yesterday, and it didn't take long for Buzzfeed to stumble upon a bunch of documents that "includes 139 Word documents, Excel spreadsheets, zip files, and PDF's containing thousands of of passwords to Sony Pictures internal computers, social media accounts, and web services accounts."

The kicker? Most of the files are plainly labelled with titles like 'password list.xls' or 'YouTube login passwords.xlsx.' Who would have guessed that when hackers go looking for sensitive information like login credentials, they search for the word "password"?

Of course and unfortunately, it shouldn't really be a surprise that humans are lazy, unimaginative and just generally the worst when it comes to protecting our precious online data. But god damn it, Sony IT. You had one job. [Fusion, Buzzfeed]