On November 24, 2014, a hacker group which identified itself by the name "Guardians of Peace" (GOP) leaked a release of confidential data from the film studio Sony Pictures. The data included personal information about Sony Pictures employees and their families, e-mails between employees, information about executive salaries at the company, copies of then-unreleased Sony films, and other information.
In November 2014, the GOP group demanded that Sony pull its film The Interview, a comedy about a plot to assassinate North Korean leader Kim Jong-Un, and threatened terrorist attacks at cinemas screening the film. After major U.S. cinema chains opted not to screen the film in response to these threats, Sony elected to cancel the film's formal premiere and mainstream release, opting to skip directly to a digital release followed by a limited theatrical release the next day.
United States intelligence officials, after evaluating the software, techniques, and network sources used in the hack, alleged that the attack was sponsored by North Korea. North Korea has denied all responsibility.
The exact duration of the hack is yet unknown. U.S. investigators say the culprits spent at least two months copying critical files. A purported member of the Guardians of Peace (GOP) who have claimed to have performed the hack stated that they have had access for at least a year prior to its discovery in November 2014, according to Wired. The hackers involved claim to have taken more than 100 terabytes of data from Sony, but that claim has never been confirmed. The attack was conducted using malware. Although Sony was not specifically mentioned in its advisory, US-CERT said that the attackers used a Server Message Block (SMB) Worm Tool to conduct attacks against a major entertainment company. Components of the attack included a listening implant, backdoor, proxy tool, destructive hard drive tool, and destructive target cleaning tool. The components clearly suggest an intent to gain repeated entry, extract information, and be destructive, as well as remove evidence of the attack. The cleaning tool used on Sony's computer infrastructure, Wiper, is a malware program designed to erase data from the servers.