Bean-counting giant Deloitte has been pulled into Sony Pictures' ongoing nightmare – the one in which the movie giant was comprehensively hacked and gigabytes of sensitive files leaked online.
Unreleased films, draft scripts, criminal record checks on staff, doctors' notes, passwords, encryption certificates, social security numbers, wage lists, employees' personal details, sales documents, and much, much more from the studio has been dumped onto file-sharing networks by miscreants.
And now, as pointed by culture blog Fusion, that embarrassing cache contains what seems to be financial records from Sony auditors Deloitte.
The Deloitte data, purported to be from 2005, includes bean-counters' addresses, job titles and salaries. The data shows a large disparity in the wages Deloitte pays its male and female staff – men are paid huge amounts more than women. A similar gender and race pay gap exists in Sony, too, it seems.
Deloitte is being measured in its response; a spokesperson told El Reg today:
We have seen coverage regarding what is alleged to be 9-year-old Deloitte data from a non-Deloitte system. We have not confirmed the veracity of this information at this time. Deloitte has long been recognized as a leader in its commitment to pay equality and all forms of inclusion.
Meanwhile, things are only getting weirder as Sony Pictures tries to get to the bottom of the massive breach. The entertainment goliath has had to ditch its compromised computers and revert to pen and paper. In November, staff realized hackers had struck when they found their PCs displaying banners bragging about the attack – and sensitive files started leaking out.
While a group of hackers known as Guardians of Peace has claimed responsibility for the hack, the exact nature of the security breach and the identity of its perpetrators remains in doubt.
On Wednesday this week, Apple blog Re/code claimed Sony was preparing to announce that it found North Korean hackers to be behind the attack. Sony eventually shot down the report, telling AP: "The investigation continues into this very sophisticated cyberattack. The re/code story is not accurate." ®