Sony Hack Spreads to Auditing Firm Deloitte

Sony Pictures Logo - P 2011

Sony Pictures Logo - P 2011

A 2005 spreadsheet detailing employee salaries at the New York-based firm was found among the Sony files, according to Fusion. Meanwhile, the studio says the investigation into the source of the attack is ongoing

The cyber attack on Sony Pictures Entertainment also has exposed detailed salary information for the New York-based auditing firm Deloitte, according to the latest revelation published by Fusion.

Fusion has been poring through Sony files that the hackers, calling themselves the Guardians of Peace, have sent to members of the media. The Deloitte spreadsheet comes after the site revealed Sony's top executive salaries and other sensitive studio information. Sony's top executives said in an email Tuesday that the hacked information is real and that the studio is working with the FBI to identify the source of the security breach.

The Deloitte information is said to have been sourced to an individual Sony employee. “The files appear to come from a single target’s computer," the Fusion report says. "While this person appears to be currently employed in human resources at Sony Pictures, the employee previously worked at Deloitte, and had saved some files.”

Read more Sony Hack: Studio Security Points to Inside Job

The file allegedly contains the 2005 salary information for 31,124 U.S. Deloitte employees. However, the file does not identify the name of individual employees, who are identified only by race and gender. According to Fusion, the report was compiled as part of a 2006 internal study of potential racial or gender biases within the company.

“We have seen coverage regarding what is alleged to be 9-year-old Deloitte data from a non-Deloitte system," Jonathan Gandel, director of brand, communications and corporate citizenship for Deloitte Services, said. "We have not confirmed the veracity of this information at this time.  Deloitte has long been recognized as a leader in its commitment to pay equality and all forms of inclusion.”

Other sensitive information leaked online includes employee feedback found in a text file titled "Sony_2012_Comments," according to Gawker's Sam Biddle. The feedback posted on the gossip website lists multiple comments and suggestions for Sony Pictures corporate strategy. "There is a general 'blah-ness' to the films we produce," reads a comment.

Studio sources and security experts interviewed by The Hollywood Reporter suggest the hack could be the work of a Sony insider. The website re/code said on Wednesday that the studio would soon announce its belief that the North Korean government is behind the security breach. But Sony was quick to shoot down that story. 

"The investigation continues into this very sophisticated cyber attack," a Sony rep said in a statement. "The re/code story is not accurate."